requests identified as BOTs should be prevented from accessing the ADMIN
Presently we are seeing intermittent errors being raised where a request identified as a spider will have sessions disabled.
However the path being hit is the admin of the site therefore it errors as sessions are required.
This can be easily fixed by returning a 401 to spiders that are trying to hit the admin path.
It would also quieten the error logs