I'm looking for some feedback and advice before setting up a bunch of new WPMU blogs. Bear with me for a minute while I explain before getting to the actual question.
Whenever I set up a Web site of any kind that requires passwords I use a secure virtual host for the parts of the site requiring passwords. If it's a small private site I can use self-generated SSL certificates because nobody will care. If it's going to be a bigger public site I purchase a real certificate.
In the case of WordPress/WPMU I want to do the same thing, and specifically deny access to the wp-admin directory completely if the user is not using the https server.
Is that even possible, or would the normal (http) server need access to anything in the wp-admin directory space that would prevent me from splitting the wp-admin area into a separate virtual host?
One reason that I'm even asking this question is that in my research on security for WordPress I noticed this URL:
It's an insecure signup form for a new blog that seems to call a second insecure page. So if I'm sitting in my local coffee shop when I create my new blog, it would be very easy for someone to intercept my new user ID, password and e-mail address. Then the bad guy could do annoying stuff like change the e-mail address to something else that automatically copies him on password changes and other administrative e-mails.
Also, this support article:
In that article they recommend always using HTTPS for admin links, but how many people actually figure that out? And even if they do enable that option it would still be possible to use insecure links to the same pages because it's only an option, not a hard server configuration. If it's easy, why not make HTTPS the default and let people opt out if they really have a good reason and know what they are doing?
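As an added illustration of the split-vhost setup the question asks about (an editor's example, not part of the original post or of WordPress/WPMU itself): one Apache vhost pair where the plain-HTTP side refuses to serve the admin area and bounces those requests to the TLS side. The hostname, document root and certificate paths are placeholders. Two caveats a practitioner would want: the WPMU signup page (wp-signup.php) and the login page (wp-login.php) live in the site root, not under wp-admin/, so a rule that covers only the wp-admin/ directory would leave exactly the signup form complained about above on plain HTTP; and wp-admin/admin-ajax.php is called by themes and plugins from public, unauthenticated pages, so it is excluded from the rule (moving it to https while the front end stays on http would break those calls as cross-scheme requests).

```apache
# Editor's example config, not from the original post. Assumptions:
# hostname blog.example.com, WPMU installed in /var/www/wpmu, and the
# certificate/key paths below are placeholders for your own files.

<VirtualHost *:80>
    ServerName   blog.example.com
    DocumentRoot /var/www/wpmu

    RewriteEngine On
    # Leave admin-ajax.php reachable over HTTP: front-end code on public
    # pages calls it, and that code runs on the http:// origin.
    RewriteCond %{REQUEST_URI} !^/wp-admin/admin-ajax\.php$
    # Everything else under wp-admin/, plus the login, signup and
    # activation pages in the site root, is never served here. Replace
    # the redirect target and flags with [F] for a flat 403 instead.
    RewriteCond %{REQUEST_URI} ^/wp-admin(/|$) [OR]
    RewriteCond %{REQUEST_URI} ^/(wp-login|wp-signup|wp-activate)\.php
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

    # Normal WordPress rewrite rules for the public site go here.
</VirtualHost>

<VirtualHost *:443>
    ServerName   blog.example.com
    DocumentRoot /var/www/wpmu

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/blog.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/blog.example.com.key

    # Same WordPress rewrite rules as the :80 vhost; wp-admin/ and the
    # login/signup pages are only ever served from this vhost.
</VirtualHost>
```

The web-server rule alone is not enough, because a user who types an http:// admin URL has already sent their cookies in plaintext before the redirect fires. Pair it with `define('FORCE_SSL_ADMIN', true);` in wp-config.php: with that set, WordPress generates https:// admin links and sets its admin authentication cookie with the Secure flag, so the browser withholds that cookie from the plain-HTTP vhost even when the user lands there by mistake. The vhost rule is what turns the optional setting the support article describes into something a user cannot bypass by hand-editing the URL.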