In the previous version 2.1.0 the admin stuff lived in its own directory. This was good because I could use Apache to bloce access from users outside the intranet.
This is no longer possible.
It would be nice to have this functionality again. Perhaps a table containing the IP addresses allowed to log in to the super admin account.