# New Install with Multisite Enabled Questions

**URL:** https://discourse.roots.io/t/new-install-with-multisite-enabled-questions/29586
**Category:** bedrock
**Tags:** multisite, bedrock
**Created:** 2025-05-07T16:20:23Z
**Posts:** 3

## Post 1 by @andrade — 2025-05-07T16:20:23Z

Hello,

I’ve currently am taking Bedrock for a spin locally on my Mac using MAMP PRO (Latest). I have the network stood up with one extra sub site using the sub-domain approach. Perhaps I’ve missed something but I’m seeing for example these types of errors in my console.

`Mixed Content: The page at 'https://site2.local-wordpress.local/' was loaded over HTTPS, but requested an insecure stylesheet 'http://local-wordpress.local/app/themes/twentytwentyfive/style.css?ver=1.2'. This request has been blocked; the content must be served over HTTPS.`

**Why are the theme assets being served from http and not https?**

`GET https://site2.local-wordpress.local/local-wordpress.local/app/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2 net::ERR_ABORTED 404 (Not Found)`

How is it that the path to this asset is being duplicated: **[https://site2.local-wordpress.local/local-wordpress.local/app](https://site2.local-wordpress.local/local-wordpress.local/app)**…

My .htaccess file @ web/:

```
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) wp/$1 [L]
RewriteRule ^(.*\.php)$ wp/$1 [L]
RewriteRule . index.php [L]
</IfModule>
```

My .env @ /:

```
WP_ENV='local'
WP_HOME='local-wordpress.local'
WP_SITEURL="${WP_HOME}/wp"
```

---

## Post 2 by @andrade — 2025-05-07T16:27:26Z

I made an adjustment to my `.env` file to:

```
WP_ENV='local'
WP_HOME='https://local-wordpress.local'
WP_SITEURL="${WP_HOME}/wp"
```

This fixed the dup in the path BUT now I’m getting CORS errors:

```
Access to font at 'https://local-wordpress.local/app/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2' from origin 'https://site2.local-wordpress.local' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
```

What can i do to fix this issue?

Thank you

---

## Post 3 by @YourRightWebsite — 2025-05-14T22:38:50Z

You can configure the WP\_HOME and WP\_SITEURL values in application.php to take the value from the current domain name, so assets are always loaded from the correct URL. In application.php find:

```
Config::define('WP_HOME', env('WP_HOME'));
Config::define('WP_SITEURL', env('WP_SITEURL'));
```

Replace with:

```
Config::define( 'WP_HOME', 'https://' . $_SERVER['HTTP_HOST']);
Config::define( 'WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST']);
```

More information can be found [here](https://yourrightwebsite.com/tutorial-how-to-install-wordpress-multisite-with-sage-and-bedrock/).