diff --git a/CHANGES.rst b/CHANGES.rst
index d151faa..77ca306 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -4,6 +4,9 @@ Changelog for Isso
0.11.2 (unreleased)
-------------------
+- Don't enable admin interface with default password by default.
+ (Jelmer Vernooij, #491)
+
0.11.1 (2018-11-03)
-------------------
diff --git a/isso/templates/disabled.html b/isso/templates/disabled.html
new file mode 100644
index 0000000..b009a01
--- /dev/null
+++ b/isso/templates/disabled.html
@@ -0,0 +1,28 @@
+
+
+ Isso admin
+
+
+
+
+
+
+
+
+ Administration is disabled on this instance of isso. Set enabled=true
+ in the admin section of your isso configuration to enable it.
+
+
+
+
+
diff --git a/isso/views/comments.py b/isso/views/comments.py
index 269dd6b..476f368 100644
--- a/isso/views/comments.py
+++ b/isso/views/comments.py
@@ -1068,7 +1068,7 @@ class API(object):
def login(self, env, req):
data = req.form
- password = self.isso.conf.get("general", "admin_password")
+ password = self.isso.conf.get("admin", "password")
if data['password'] and data['password'] == password:
response = redirect(re.sub(
r'/login$',
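Review bot: The new lookup `self.isso.conf.get("admin", "password")` does not match the key the shipped default config in this same commit defines, because share/isso.conf spells it `_password` under `[admin]`; one of the two has to change, presumably the config line to `password = please_choose_a_strong_password`. Separately, the comparison `data['password'] == password` on the following line is a plain string compare on a secret; `hmac.compare_digest(data['password'], password)` is the usual form here (it would need `import hmac` at the top of the module). The body of login continues outside the hunk.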
@@ -1087,6 +1087,9 @@ class API(object):
def admin(self, env, req):
isso_host_script = self.isso.conf.get("server", "public-endpoint") or local.host
+ if not self.isso.conf.getboolean("admin", "enabled"):
+ return render_template(
+ 'disabled.html', isso_host_script=isso_host_script)
try:
data = self.isso.unsign(req.cookies.get('admin-session', ''),
max_age=60 * 60 * 24)
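Review bot: The `admin.enabled` check guards only the admin page; the login view in the earlier hunk of this file still compares the submitted password and proceeds to the redirect when the section is disabled, so a disabled instance still accepts admin logins. The same guard, `if not self.isso.conf.getboolean("admin", "enabled"): return render_template('disabled.html', isso_host_script=isso_host_script)`, belongs at the top of login as well, with `isso_host_script` computed there the same way. Whether `getboolean` tolerates an upgraded user config that has no `[admin]` section yet depends on how isso merges its defaults, which is not visible in this hunk. The body of admin continues outside the hunk.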
diff --git a/share/isso-dev.conf b/share/isso-dev.conf
index 18400ee..d417a19 100644
--- a/share/isso-dev.conf
+++ b/share/isso-dev.conf
@@ -11,7 +11,10 @@ max-age = 15m
notify = stdout
reply-notifications = false
log-file = /var/log/isso.log
-admin_password = strong_default_password_for_isso_admin
+
+[admin]
+enabled = true
+password = strong_default_password_for_isso_admin
[moderation]
enabled = false
diff --git a/share/isso.conf b/share/isso.conf
index 9828ca4..045f08c 100644
--- a/share/isso.conf
+++ b/share/isso.conf
@@ -59,9 +59,11 @@ gravatar = false
# default url for gravatar. {} is where the hash will be placed
gravatar-url = https://www.gravatar.com/avatar/{}?d=identicon
-# Admin access password
-admin_password = please_choose_a_strong_password
+[admin]
+enabled = false
+# Admin access password
+_password = please_choose_a_strong_password
[moderation]
# enable comment moderation queue. This option only affects new comments.