You can put an IP restriction on the Apache configuration for this URL. It means than only people with the right IP will access the login form and the others will be redirected (or Apache will show an error page). Else, your website admin login will always be available.
It will be good to keep the database connection details in the siteaccess-dedicated site.ini files and not in the global override. This way, the admin siteaccess which you don't use will not be able to connect and become useless.
Sorry, I just realized that the admin siteaccess was loaded because it was in the AvailableSiteAccessList[] in the original site.ini.
I thought it was overrided by the site.ini.append.php in settings/override but there was no initial AvailableSiteAccessList[] in order to empty that array.
You must be logged in to post messages in this topic!