I plan to publish the CMS admin pages for a client so that they can edit content on their browser on their own computer. When they enter their admin and password through a browser, it will travel through their server to the host server unsecured, and leave their website open for the possibility of someone seeing that information and hacking into their account. Have I missed something?.. as I believe unless those pages are https, that information would be unsecured.