In my web application all the .aspx pages resides in Pages directory. The project structure is shown below:
The Home.aspx is set as Start Page and the Web.config file of the Pages folder contains:
<configuration>
<location path="Secured">
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
</configuration>
And the main Web.config has:
<authentication mode="Forms">
<forms loginUrl="~/Pages/Login.aspx" timeout="2880" defaultUrl="~/Pages/Secured/Home.aspx" />
</authentication>
So when the application launches it redirects to the Login page with the URL:
http://localhost:2453/Pages/Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
Now if I delete the
Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
from that URL and press enter it is taking me to the Directory Listing:
What I want that it will again send me to the Login page located at
How can I achieve this? Your help be appreciated.
Thanks.
The localhost:
You need to disable directory browsing from IIS or from the web.config
<configuration>
<location path="Secured">
<system.webServer>
<directoryBrowse enabled="false" />
</system.webServer>
</location>
</configuration>
this entry above applies to IIS 7+, for IIS 6 you'll have to do it from IIS Manager