Sorry about title, not sure how to describe this.
A small charity I have done work for (Static Website) has a domain which is working fine.
I have created a HTML/PHP/MySQL admin system that has been running on a local PC (using WAMP server).
Now they want to have it hosted as a subdomain of their website so it can be reached by the admin people from home. Their hosting company allows this.
I have concerns about how to prevent the admin system pages being "found" by web crawlers, spiders etc.
The system has a login system with hashed passwords, and all of the pages check to ensure they arrived via the login, but other than that is there anything else I can do to protect them ?