A very simple-minded aproach. Perhaps not nice, but needs only adminship (if you keep it for trusted people) and the AbuseFilter extension. Create a subpage called* /header* for each page, and protect it. Then install a filter that won't let the user to save the page unless itt begins with the {{/header}} string. No hooks neccessary.