Lets say that I have a domain hosting a public facing website ( www.mywebsite.com). Now lets say that -
1) Security is not a big thing. 2) To save money, I want to host the admin interface on the same domain ( www.mywebsite.com/admin). 3) The admin interface requires login but never the less I do not want the public to be even aware of the location of the admin interface. 4) But there is a chance that someone might type in www.mywebsite.com/admin by guessing and discover that there is an admin user interface there. 5) I dont want to use complicated IP blocking to block access to the admin interface - I want to be able to login from any machine. I also dont want to go down the expensive certificate route. In this case, the following will be useful - 1) A browser that has a simple interface from where I can map a key to a url. When I make a request to my admin URL, it sends this key in the header, get or post. 2) A server which shows a 404 unless the key is present in the header, get or post. This is fairly a simple feature and I feel that if browsers and servers implement this, it could become popular. Could people please give me thoughts on this, if there might be benefits to this, and if it would be possible for apache http server to implement this?
