diff --git a/admin.php b/admin.php
--- a/admin.php
+++ b/admin.php
@@ -25,10 +25,11 @@ if(!isset($admin_pass)) { echo "

Administration password not configured. See config.inc for more information.

";
 $adminpage->foot();
+ exit;
 }
 // Force authentication
- else if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_PW'] != $admin_pass) {
+ else if (!isset($_SERVER['PHP_AUTH_USER']) || (!isset($_SERVER['PHP_AUTH_PW'])) || $_SERVER['PHP_AUTH_PW'] != $admin_pass) {
 header('WWW-Authenticate: Basic realm="My Realm"');
 header('HTTP/1.0 401 Unauthorized');
 echo '

You must authenticate to view this page.

';
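Review bot: The rewritten `else if` condition still checks the password with loose `!=`, which applies PHP's numeric-string juggling (two different numeric-looking strings can compare equal) and is not a constant-time comparison. The last clause would be safer as `|| !hash_equals((string) $admin_pass, $_SERVER['PHP_AUTH_PW'])) {`, or at least `!==` if `hash_equals()` is not available on the PHP version this project targets. `isset($admin_pass)` is also true for an empty string, so an empty value in config.inc would presumably get past the first guard and let an empty password match; rejecting an empty `$admin_pass` in that first branch is worth considering. The 401 branch continues past the end of the hunk, so whether it stops execution the way the newly added `exit;` does cannot be confirmed from here.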