Skip Ribbon Commands
Skip to main content

Quick Launch

nextFLOW > BLOG > Posts > Deny access for anonym user to _layouts or _vti_bin files
Februar 15
Deny access for anonym user to _layouts or _vti_bin files

SharePoint Server 2010:

If you are using SharePoint 2010 Standard or Enterprise Editon, the "backoffice area", can be easily locked down by a feature called "lockdown". This feature can be activated by using a powershell script.

To check if the feature is already activated enter the following command:

get-spfeature -site http://sitecollectionURL

 
To enable the feature use the following command:
 
enable-spfeature viewformpageslockdown -url http://sitecollectionURL

 

If anonymous is already setup, please disable and enable the anonymous access again.
 
 
 
SharePoint Foundation 2010:
 
If you are using the Foundation, this feature does not exist. But to get the same result you can add some entries to your web.config.
 
For example, for denying access to the _layouts and _vti_bin folder, just add the following configuration tags to you web.config file:
 
<location path="_layouts">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
</location>
<location path="_vti_bin">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
</location>
 

Comments

There are no comments for this post.