Admin Interface Externally Open
The administrator interface is used to manage and maintain the web server (its availability and functionality). If this admin interface is made accessible externally, it is exposed to brute-force attacks aimed at gaining root admin access to the web server.
Exposing the */admin page externally also increases the risk of SQLi attacks, directory structure exposure, etc.
The interface page should be accessible from the Internal Port only.
Administrator sign in ports
[*] Enable administrators to sign in on the Internal Port
[ ] Enable administrators to sign in on the External Port
Instead of */admin you can use [IP of internal Interface]/admin as the Sign-In URL.
It is also generally advised to allow access from only a limited number of IP addresses simultaneously, and not to grant access to an entire subnet IP range.
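The two recommendations above (admin sign-in on the Internal Port only, and a short list of individual source IPs rather than a subnet) can be checked mechanically. The following is an added example, not code from any product or from this knowledge base; the internal range 10.0.0.0/8, the cap of 4 addresses and all function names are assumptions chosen for illustration.

```python
import ipaddress

# Assumed values for illustration only; none come from a real product.
ADMIN_PREFIX = "/admin"
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # hypothetical internal range
MAX_ADMIN_SOURCES = 4                                  # hypothetical cap on admin sources


def audit_allowlist(entries, max_sources=MAX_ADMIN_SOURCES):
    """Return findings for an admin source allowlist (empty list = acceptable)."""
    findings, total = [], 0
    for entry in entries:
        net = ipaddress.ip_network(entry, strict=False)
        total += net.num_addresses
        if net.num_addresses > 1:
            findings.append(f"{entry}: grants a range of {net.num_addresses} addresses")
        internal = any(net.version == i.version and net.subnet_of(i)
                       for i in INTERNAL_NETS)
        if not internal:
            findings.append(f"{entry}: outside the internal address space")
    if total > max_sources:
        findings.append(f"allowlist covers {total} addresses, limit is {max_sources}")
    return findings


def admin_request_allowed(path, arrived_on, client_ip, allowlist):
    """Decide whether a request may reach the admin interface.

    arrived_on is 'internal' or 'external': the port the request came in on.
    """
    if path != ADMIN_PREFIX and not path.startswith(ADMIN_PREFIX + "/"):
        return True    # not an admin page; other rules apply
    if arrived_on != "internal":
        return False   # administrator sign-in is disabled on the External Port
    addr = ipaddress.ip_address(client_ip)
    return any(addr in ipaddress.ip_network(e, strict=False) for e in allowlist)


if __name__ == "__main__":
    # Constructed sample data.
    good = ["10.0.5.10", "10.0.5.11"]
    print(audit_allowlist(good))               # no findings
    print(audit_allowlist(["10.0.5.0/24"]))    # whole subnet: two findings
    print(admin_request_allowed("/admin/login", "external", "10.0.5.10", good))
```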