I am just reading over the codex on how to harden WordPress and the administering over SSL.
I am wondering if it would be possible at all and if this would help with security at all, if you were to give your main blog and the wp-admin back end two separate domain names.
I'm thinking that a really good hacker might be able to just use your websites IP address instead of a domain name, which would make this idea redundant. However, i can't help but wonder if it would be possible or even worth doing.
Something tells me if you could use two domain names and two separate servers for your wp-admin and main blog, and be able to keep the domain name and ip of the wp-admin server hidden then i suppose it might work.
if a hacker could get in to ur wp-admin, they can get into ur config file and find the location of your mysql server, but i bet with some fancy tools they can detect where the mysql requests are going just be browsing the website.
I'm not sure is the right place to post this, but if anyone has any comments or info that would be cool :)