ASP.net Disallow Direct Access to Admin Directory
We have a directory named Admin in the root folder of an ASP.net (4.0) web application.
I have created a route to the Admin/Dashboard.aspx
and it works fine.
I was curious if I could disallow to run the file through direct access, even to the administrators.
Is it doable?
You can do with some web.config setting like below
<location path="~/Admin/Dashboard.aspx"> <system.web> <authorization> <allow roles="admin"/> <deny users="*"/> </authorization> </system.web> </location>