diff --git a/web/yaamp/modules/site/SiteController.php b/web/yaamp/modules/site/SiteController.php
index f8a1ee3..5b153cc 100644
--- a/web/yaamp/modules/site/SiteController.php
+++ b/web/yaamp/modules/site/SiteController.php
@@ -5,12 +5,19 @@ class SiteController extends CommonController
 public $defaultAction='index';
 
 ///////////////////////////////////////////////////
-
+ // Security Note: You can rename this action as you
+ // want, to customize the admin entrance url...
+ //
 public function actionAdminRights()
 {
- $client_ip = $_SERVER['REMOTE_ADDR'];
-
+ $client_ip = arraySafeVal($_SERVER,'REMOTE_ADDR');
 $valid = isAdminIP($client_ip);
+
+ if (arraySafeVal($_SERVER,'HTTP_X_FORWARDED_FOR','') != '') {
+ debuglog("admin access attempt via IP spoofing!");
+ $valid = false;
+ }
+
 if ($valid)
 debuglog("admin connect from $client_ip");
 else
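Review bot: The new `HTTP_X_FORWARDED_FOR` branch logs a fixed string, so a refused attempt cannot be attributed unless the `else` branch that follows (the function continues past the end of the hunk) also records the address; I would log the socket address there, e.g. `debuglog("admin access refused, X-Forwarded-For present, remote $client_ip");`, and keep the raw header value out of the log because the client controls it. The message also labels every request that carries the header as "IP spoofing", which will be noisy if the site is ever placed behind a reverse proxy or CDN, and in that deployment the check refuses every admin request, so the comment should state that this action must be reached directly. `arraySafeVal($_SERVER,'REMOTE_ADDR')` is called without a default, so what reaches `isAdminIP()` when the key is absent depends on helpers not shown here; passing `''` explicitly would make the fail-closed intent visible. The "Security Note" comment should also say that renaming the action only hides the URL and that `isAdminIP()` remains the actual access check.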