You may have read before that I have suggested securing the Sphider admin directory with password protection. After all, you don’t want to take a chance of someone else gaining access and changing all of your settings… or worse!
Oh! One more thing. Add SSL. That is something that at one time was expensive and primarily used by sites like businesses with checkout pages and such. Today, SSL in some cases can be free. DreamHost offers “Let’s Encrypt SSL” for free. Then there are self-signed certificates, also free (but not as trustworthy). The advantage of SSL is that when you do need to enter user name/password to one of your password protected directories, it can’t be intercepted.