Using IIS 7 URL rewrite rules to block the public "access" to SharePoint "_layouts" pages

When you use MS SharePoint 2007 / 2010 site as a Internet public facing site, it's smart and safe to block the anonymous access to back-end "_layouts" pages.

It's easy to use IIS 7 URL rewrite rules to perform the access blocking.
Below is the sample rule.

     <rule name="_layouts" stopProcessing="true">
          <match url="^_layouts($|/.*)" />
          <conditions logicalGrouping="MatchAny">
               <add input="{HTTP_HOST}" pattern="^pub\.stag\.moevenpick-icecream\.com$" />
               <add input="{HTTP_HOST}" pattern="^pub\.prod\.moevenpick-icecream\.com$" />
                <add input="{HTTP_HOST}" pattern="^www\.moevenpick-icecream\.com$" />
          </conditions>
          <action type="None" />
        </rule>

If you want to black the access to "_layouts/login.aspx" page, then use this rule:

        <rule name="Disable SharePoint login.aspx Page" enabled="false" stopProcessing="true">
            <match url="^(.*|/)Login.aspx.*$" />
            <action type="AbortRequest" />
        </rule>

For more SharePoint 2013 Administration tips, see below book.



Comments

Post a Comment

Popular posts from this blog

Top JavaScript courses helping you develop SPFx webPart with ReactJS and AngularJS

Image
As SharePoint 2016 is launched and the SharePoint Framework was announced on 4th of May,  for a SharePoint developer, these are the technologies that you should learn in the next months in order to be prepared to the new framework. They are AngularJS, ReactJS, Node.js and TypeScript. I shared those best online courses from "Udemy.com" in here. Learn anytime, anywhere, on most devices. Each course comes with a 30-day money-back guarantee. Course : Sharepoint: SPFx Development Model - It's providing clear instructions on this new SPFx framework. It delivers an example of full development workflow using Knockout.js JavaScript framework and PnP helper code. Instructor: OLEG RUMIANCEV is a full-time SharePoint ninja currently living in Biddulph, United Kingdom. His interests range from Microsoft and SharePoint to AI, and inspirational TED talks. ReactJS - React is straight JavaScript and more smaller compare with Angular JS. It's emerging in an ecosystem of...
Read more

Effective LLM Prompting skills

Apply best practices for crafting effective prompts to LLM are key for effective prompting to LLM . Here are the best practices. Role assignment: specifying a role for the LLM lead to a more helpful response. You can even a pply multiple roles to LLM Specificity and context: by providing context about your role and the situation and highlighting your specific concerns, you're guiding the LLM to provide specific and relevant information. Feedback to LLM:  You can effectively analyze your prompt based on the LLM response, and identify weaknesses, and points out the targeted improvements for better prompt. For example, you are a software developer and want LLM to review and debug the code errors. Your prompt can be: You are a senior Python developer and tester, I'm a junior Python developer working on a program to calculate daily interest rates. I'm encountering an error when running my code. Could you help me debug it? Here's a snippet of the code: "..."', a...
Read more

Enable the Microsoft Power BI report file type (.pbix) in SharePoint Search

Image
By default, the Microsoft Power BI report file (.pbix) is not in the list of file type in SharePoint 2013 search configuration in Central Admin, and so you wouldn't open the Power BI file directly by clicking the link from the search result page. However, it's easy to add this file type by following configuration. Open “Central Admin” site, and then go to "Manage service applications”->”Search Service Application XX” (use the actual name of the “Search Service Application” in your site). Click on the “File Type” in left side navigation. Click the New File Type button and type PBIX (no period needed) in the File extension box and click OK. Restart the Search Service: Go to local “services”, stop the SharePoint Server Search service and start it again. Reset Your Index: Back on the Search Administration page within Central Administration you will want to click on the Index Reset link under Crawling on the left side menu. Press the Reset Now button. Rem...
Read more