Re: IIS 6 page access

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 06/03/04 

Date: Wed, 2 Jun 2004 21:15:09 -0700

HTTP is stateless and does not intrinsically support your concepts, so you
need to implement it.

Since a web server, by definition, allows users to request any URL and has
NO application-level knowledge (like you wanting to force users to enter a
web application through one URL and no others), you must implement the
specific application-level behavior that you want. This is the way the web
works.

Tom simply suggests that your main URL page should set some state that
indicates to any other page on your website that "the user came from the
home page", and have all your web pages check for this state prior to
displaying themselves. If this state is missing, your web pages should send
a 302 redirection to the client to "go back to the home page" and get that
state. 

-- 
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
<alvis.floyd@forgreater.com> wrote in message
news:E06740EA-D0BC-4B75-97C7-8B8541036B14@microsoft.com...
thank you for the link but i dont know what the process is called for what i
am looking for
 can you be a little more specific thanks
     ----- Tom Kaminski [MVP] wrote: -----
     <alvis.floyd@forgreater.com> wrote in message
     news:F0AEBB6E-E008-4EC5-AA5A-2636A68BF46E@microsoft.com...
     > how can i prevent a web user from entering my web site
     > by typing the url to a specific page.
     > for example i dont want any one to type this url and get the page
below
     > http://www.transactcard.com/application.aspx
     >> all users should only enter my web site from
     > http://www.transactcard.com
     Nothing you can do specifically in IIS per se, you need an ISAPI filter
or
     perhaps modify each aspx to have it check for a session var that gets
set on
     the home page:
     http://www.aspfaq.com/show.asp?id=2002
     -- 
     Tom Kaminski IIS MVP
     http://www.iistoolshed.com/ - tools, scripts, and utilities for running
IIS
     http://mvp.support.microsoft.com/
     http://www.microsoft.com/windowsserver2003/community/centers/iis/

Relevant Pages

  • Re: IIS 6 page access
    ... > how can i prevent a web user from entering my web site ... > for example i dont want any one to type this url and get the page below ... Tom Kaminski IIS MVP ...
    (microsoft.public.inetserver.iis)
  • Secure Certificate
    ... i have a web site that is on IIS ... it gives me a win logon screen which i dont want (i do ... and it takes me to a underconstruction page which is also ...
    (microsoft.public.inetserver.iis.security)
  • DEFAULT WEB SITE!!!!!
    ... How can I desable the default web site do IIS 4.0???? ... samples pages at the instalation but when I type the IP of my IIS Server on ... I dont want it!!! ...
    (microsoft.public.inetserver.iis.security)
  • Re: Exchange Virtual Directory 404 Not Found
    ... XCCC: IIS Lockdown and URLscan Configurations in an Exchange Environmenthttp://support.microsoft.com/?id=309508 ... re-create the Exchange-related virtual directories in Internet Services ... visit the following Microsoft Web site: ... Custom installation option to install only Metabase Explorer 1.6. ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Webworkplace and OWA 3 times log in
    ... I rest the IIS - Start RUN - type iisreset ... the IIS Default Web Site application. ... Windows account for anonymous access to the Administrator account I renter ... I understand that users can logon to RWW and OWA ...
    (microsoft.public.windows.server.sbs)