• Again, I ask for a small but important change in WordPress:

    A WordPress blog currently cannot be shown under more than one URL, because the base URL (https://…/blog/ ) is configured in the SQL database. This is a major security flaw, since on a shared webserver with virtual hosts I cannot have the blog readable over https://… and the admin access under https://…/…

    Since WordPress requires transmission of passwords in plaintext, this is a severe security flaw. I know that there are several patches floating around to address this flaw, but none of them works reliably. However, they still show that the problem exists.

    My proposal:

    Allow the base URL (which is configured in the SQL database) to be overridden in /etc/wordpress/*.php at runtime. This allows having the same blog twice, once under https:// for reading, and once under https://.. for administrative access.

    You need to take security more seriously.

    regards
    Hadmut
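
An added example, not part of the original post and not WordPress's own code: WordPress uses the `WP_HOME` and `WP_SITEURL` constants, when defined in the configuration file, in preference to the base URL stored in the database, which gives the runtime override requested above. The hostnames and the `/blog` path are placeholder assumptions; the Host header is checked against a fixed list because it is client-controlled.

```php
<?php
// Fragment for wp-config.php (or a per-host file under /etc/wordpress/).
// Hostnames and paths below are placeholders, not values from the post.

// Every name this installation may be served under, mapped to its base URL.
$allowed_bases = array(
    'blog.example.org'  => 'https://blog.example.org/blog',
    'admin.example.org' => 'https://admin.example.org/blog',
);
$default_host = 'blog.example.org';

// The Host header comes from the client: normalise it and accept only
// names from the list above, so a forged header cannot set the base URL.
$host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
$host = preg_replace('/:\d+$/', '', $host); // drop an optional port

if (!isset($allowed_bases[$host])) {
    $host = $default_host;
}

// Override the base URL configured in the SQL database for this request.
define('WP_HOME', $allowed_bases[$host]);
define('WP_SITEURL', $allowed_bases[$host]);

// Send logins and the admin area over TLS so passwords do not
// cross the network in plaintext.
define('FORCE_SSL_ADMIN', true);
```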

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security: URL to be configurable in /etc/wordpress/…’ is closed to new replies.