#2 Secure update.php

[Adam]

Currently, update.php is called from curl with no authentication at
all. The next version needs to find a way to prevent this page
from being called without some form of authentication, even if it's
IP-based and only allows the server it's being hosted on to update
it.