Note to Self
In the future, when working on Drupal sites, do not set the login block to show up only on admin pages, thinking that this will somehow give you a Joomla-like setup where you have to type in the admin URL to get to the login page, and the general public is not tempted to try to log in to something they shouldn't.
What in fact happens if you do this with Drupal is that you type in the admin URL, and get an Access Denied page telling you that you need to be logged in to access the page.
Which of course, you can't do, given that the page you need to be logged into access is now the only page from which you CAN log in.
On the bright side, I suppose this is by far the most secure CMS site I have ever set up. It's so secure that NO ONE can log into it. Including me.
ETA: yourdomain.com/user is your friend. Just not yourdomain.com/admin.
What in fact happens if you do this with Drupal is that you type in the admin URL, and get an Access Denied page telling you that you need to be logged in to access the page.
Which of course, you can't do, given that the page you need to be logged into access is now the only page from which you CAN log in.
On the bright side, I suppose this is by far the most secure CMS site I have ever set up. It's so secure that NO ONE can log into it. Including me.
ETA: yourdomain.com/user is your friend. Just not yourdomain.com/admin.