diff --git a/source/de/anomic/http/httpdFileHandler.java b/source/de/anomic/http/httpdFileHandler.java
index 827f31a8f..3918d5da4 100644
--- a/source/de/anomic/http/httpdFileHandler.java
+++ b/source/de/anomic/http/httpdFileHandler.java
@@ -245,6 +245,15 @@ public final class httpdFileHandler extends httpdAbstractHandler implements http
 // check permission/granted access
 String authorization = (String) requestHeader.get(httpHeader.AUTHORIZATION);
 String adminAccountBase64MD5 = switchboard.getConfig("adminAccountBase64MD5", "");
+ if( authorization != null && adminAccountBase64MD5.equals(serverCodings.standardCoder.encodeMD5Hex(authorization.trim().substring(6))) ){
+ requestHeader.put("IS_ADMIN", "true");
+ }else{
+ //WARNING: This Line ist very Important, do not remove!
+ //It resetzt the virtuel header to false, so nobody can provide
+ //a real header IS_ADMIN: true to gain adminrights
+ requestHeader.put("IS_ADMIN", "false");
+ }
+
 if ((path.endsWith("_p.html")) && (adminAccountBase64MD5.length() != 0)) {
 // authentication required
 if (authorization == null) {
@@ -253,7 +262,7 @@ public final class httpdFileHandler extends httpdAbstractHandler implements http
 headers.put(httpHeader.WWW_AUTHENTICATE,"Basic realm=\"admin log-in\"");
 httpd.sendRespondHeader(conProp,out,httpVersion,401,headers);
 return;
- } else if (adminAccountBase64MD5.equals(serverCodings.standardCoder.encodeMD5Hex(authorization.trim().substring(6)))) {
+ } else if (requestHeader.get("IS_ADMIN", "false") == "true") {
 // remove brute-force flag
 serverCore.bfHost.remove(conProp.getProperty("CLIENTIP"));
 } else {
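Review bot: The added `if` at the top of the first hunk now evaluates `authorization.trim().substring(6)` on every request instead of only on `_p.html` paths, so an Authorization header shorter than six characters raises StringIndexOutOfBoundsException before any page is served, and the scheme is never checked to be Basic. Guard the length first, for example `String auth = authorization == null ? "" : authorization.trim();` followed by `boolean isAdmin = auth.length() > 6 && adminAccountBase64MD5.equals(serverCodings.standardCoder.encodeMD5Hex(auth.substring(6)));`. Keeping the trust decision in `requestHeader`, the same map that holds client-supplied headers, relies on this reset running before every reader and on the key matching whatever casing a client sends; whether `httpHeader` lookups are case-insensitive is not visible here, so confirm that or move the flag to a server-side structure such as `conProp`. The enclosing method starts and ends outside the hunk.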
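Review bot: The new condition `requestHeader.get("IS_ADMIN", "false") == "true"` in the second hunk compares String references rather than contents, so it holds only while the map returns the very same interned literal that was stored a few lines earlier. If `httpHeader` ever copies, trims or re-creates its values, a correctly authenticated admin drops into the `else` branch, which appears to be the failed-login path. Use `"true".equals(requestHeader.get("IS_ADMIN", "false"))` instead. The `if`/`else` chain continues past the end of the hunk.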