WordPress multisite returns https link on front end website creation

With the WPMU Dev pro sites plugin,  you can create a front end signup form to enable users to register and create their own website. If you have some of those websites not on SSL, but the signup website is SSL, you might get the problem that the URL that is generated by the signup function generates an https URL, even though the website is not SSL.

This is caused by the fact that this plugin (and probably many others like it) uses wp_get_sites() to return the siteurl. This function in turn uses the set_url_scheme() function to determine if the URL should be returned with SSL or not.

It appears that if the user is currently on SSL, this function will return the URL with https. And that results in a failure if there is no SSL certificate on that domain. Luckily the set_url_scheme function uses a filter that allows us to override the result. I’ve written a short function that simply looks for the blogid based on the domain, then requests the siteurl. If the siteurl starts with http, the siteurl will be returned.

This function is not meant for multisite setups with subfolders, only for subdomains or domain mapping.

 You can add this function in the functions.php of your theme file.
add_filter("set_url_scheme", "rsssl_check_protocol_multisite", 20, 3 );

function rsssl_check_protocol_multisite($url, $scheme, $orig_scheme){
    if (is_multisite()) {
    //get blog id by url.
    //make sure the domain is with http, e.g. http://domain.com
    $domain = str_replace("https://","http://",$url);
    //remove http:// from the domain. e.g. domain.com
    $domain = str_replace("http://","",$domain);
    $blog_id = get_blog_id_from_url($domain);
    // exit if no blog id was found.
    if ($blog_id==0) return $url; //no blog id found
    //request the blog url and return it. If it is http, the returned url will now also be http.
    $url = get_blog_option($blog_id, "siteurl");
  return $url;
Lightweight plugin, Heavyweight Security features. Get Pro and leverage your SSL certificate for WordPress security standards.