diff --git a/conf/admin/hello.html b/conf/admin/hello.html
index 191d839..6d91367 100644
--- a/conf/admin/hello.html
+++ b/conf/admin/hello.html
@@ -1 +1 @@
-### 👏👏👏 你好 ***{{username}}***， 欢迎使用 [RustDesk Api](https://github.com/lejianwen/rustdesk-api)
\ No newline at end of file
+### 👏👏👏 你好 ***{{username}}***， 欢迎使用 [RustDesk API](https://github.com/lejianwen/rustdesk-api)
\ No newline at end of file
diff --git a/http/controller/admin/config.go b/http/controller/admin/config.go
index 3032f1e..ef4165c 100644
--- a/http/controller/admin/config.go
+++ b/http/controller/admin/config.go
@@ -61,6 +61,12 @@ func (co *Config) AppConfig(c *gin.Context) {
 func (co *Config) AdminConfig(c *gin.Context) {
 
 	u := service.AllService.UserService.CurUser(c)
+	if u == nil || u.Id == 0 {
+		response.Success(c, &gin.H{
+			"title": global.Config.Admin.Title,
+		})
+		return
+	}
 	hello := global.Config.Admin.Hello
 	helloFile := global.Config.Admin.HelloFile
 	if helloFile != "" {
diff --git a/http/router/admin.go b/http/router/admin.go
index fad66c5..c6e5828 100644
--- a/http/router/admin.go
+++ b/http/router/admin.go
@@ -22,6 +22,9 @@ func Init(g *gin.Engine) {
 	adg := g.Group("/api/admin")
 	LoginBind(adg)
 	adg.POST("/user/register", (&admin.User{}).Register)
+
+	ConfigBind(adg)
+
 	adg.Use(middleware.AdminAuth())
 	//FileBind(adg)
 	UserBind(adg)
@@ -35,7 +38,6 @@ func Init(g *gin.Engine) {
 	AddressBookCollectionBind(adg)
 	AddressBookCollectionRuleBind(adg)
 	UserTokenBind(adg)
-	ConfigBind(adg)
 
 	//deprecated by ConfigBind
 	//rs := &admin.Rustdesk{}
@@ -221,9 +223,13 @@ func UserTokenBind(rg *gin.RouterGroup) {
 func ConfigBind(rg *gin.RouterGroup) {
 	aR := rg.Group("/config")
 	rs := &admin.Config{}
+
+	aR.GET("/admin", rs.AdminConfig)
+
+	aR.Use(middleware.AdminAuth())
 	aR.GET("/server", rs.ServerConfig)
 	aR.GET("/app", rs.AppConfig)
-	aR.GET("/admin", rs.AdminConfig)
+
 }
 
 /*
diff --git a/service/user.go b/service/user.go
index 5d75006..5c31100 100644
--- a/service/user.go
+++ b/service/user.go
@@ -280,7 +280,7 @@ func (us *UserService) UpdatePassword(u *model.User, password string) error {
 
 // IsAdmin 是否管理员
 func (us *UserService) IsAdmin(u *model.User) bool {
-	return *u.IsAdmin
+	return u != nil && *u.IsAdmin
 }
 
 // RouteNames