I think we could allow a whitelist for /admin access. By default, it could be set to only localhost but a user should be able to modify it to a limited set of IPs, or just anything.
I think we could allow a whitelist for /admin access. By default, it could be set to only localhost but a user should be able to modify it to a limited set of IPs, or just anything.