It will be added back in 3.5.1 but
without support. We know what causes the problems, the solution is outside what we can possibly do (we're not your hosts) so if you want to use it you'll have to do it at your own risk.
That said, please let me reiterate that it adds no real protection against hackers. I already know how to circumvent it to exploit badly written plugins. I also understand it offers no protection against direct access to badly written .php files (that's why the .htaccess Maker has the back-end protection feature). Overall, it only gives you a FALSE sense of security. It's the same as the GeoBlock feature: looks fancy, offers no protection, our clients raised hell when we tried removing it. All right, people, all right, if you want a useless feature so badly I'm adding it back, stop shouting. I just can't understand for the life of me why you so desperately want snake oil security features when we offer more than three dozen
actual, honest-to-God, perfectly working security features... Well, it's your choice :)
Regarding Joomla!'s index.html files, you may not realise it but they were removed because of
my blog post and my constant bitching about it in every single opportunity I got :D The bottom line is that I do understand what offers security and what offers a
false sense of security. I'm a proponent of the former and against the latter. When I first implemented the renamed administrator directory it seemed like a good idea. On second and third look, not so much: it doesn't solve any problem, it only makes it seem so. On top of that it caused a hell of a lot of issues. That's why I decided to remove it. I didn't wake up on the wrong side of bed one morning and said "OK, let's do something to upset my clients". Quite the contrary.
If you really want to secure your administrator login page use the administrator password protection (holds off the bots without bringing down your server), the secret URL parameter (works like the custom administrator directory without the drawbacks) and two factor authentication (protects you efficiently if both defenses are compromised). This is what we do on our own site, bringing down the number of daily attacks to our administrator login page from 1000+ to ZERO. Try it, you'll be amazed!
Nicholas K. Dionysopoulos
Lead Developer and Director
π¬π·Greek: native π¬π§English: excellent π«π·French: basic β’ π My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!