Do not expose administrative functionnality on the user UI.
Protect the administrative/restricted functionality with a strong authentication mechanism.