anonymous wrote : | Would it be appropriate to use security rules to send 404s if someone tried to access one of the "control" domain pages through a non-control hostname? Or would that be a perversion of the security system? | Yes, it would be a perversion of the security system. It would be "security through obscurity" - and even rather poor at that. Security should NEVER depend on false error messages and something as fragile as DNS. Use secure name/passwords instead. Regards Felix View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4035341#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...