There are many ways you can secure your connection. For instance add a "securityKey" as another parameter.
Create a key constant in C2 with some value just to salt the hashing. And do the same on your server side.
hashingKey = "#$fdsf$%6YThfY^&%^&24wrw"
securityKey = sha1(username & hashingKey & something)
Send this security key to your server together with credentials. Now on the server side also create securityKey in the exactly same way and compare if it is equal to the one which came.
In that way even if someone knows the URL for registration he is not able to fake the securityKey so he can't do anything.