Do not allow access to defaultUrl in web.config file


I have a web application that has loginUrl="Index.aspx" and% defaultUrl="list.aspx" .

This works well, because once I have the Index.aspx and I hope the user identifies, I get the page list.aspx .

The problem is that if I directly put the URL of list.aspx , I can open it without having to go through Index.aspx .

How can I block access and only once I have gone through Index.aspx the page list.aspx is posted?

Thank you very much in advance.

Here is part of my web.config :

<authentication mode="Forms">
      <forms loginUrl="Index.aspx"
             timeout="600" name=".Auth"
asked by A arancibia 08.02.2016 в 19:11

1 answer


You must add an authorization in Web.config with the following command:


<authentication mode="Forms">

    <deny users="?"/> <!--acá denegas el acceso a los usuarios anónimos-->


I leave this link where you can see more info about it: Setting authorization

answered by 08.02.2016 / 20:20