I have often wondered if changing the names "admin" and "appadmin" would be an easy and simple way to add another layer of security? In other words, add these as command-line arguments that can be set on startup? In this way www.mysite.com/admin could be changed to something like www.mysite.com/secretadmin123. After that access attempts to www.mysite.com/admin could either be handled using the normal "invalid request" methods or treated as a breach attempt.
I see that "admin" and "appadmin" are pretty much hard-coded into web2py, so I'm not sure if it would be worth the effort? -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
