In ASP.NET web app, I have login.aspx. I force that every user access through

Question

0

Asked: June 9, 20262026-06-09T01:45:37+00:00 2026-06-09T01:45:37+00:00

In ASP.NET web app, I have login.aspx. I force that every user access through

0

In ASP.NET web app, I have login.aspx.
I force that every user access through Login.aspx, setting that on web.config:

<authentication mode="Forms">
<forms name="coockie_aut" loginUrl="login.aspx" protection="All" path="/" timeout="60" slidingExpiration="true"/>
</authentication>

My question is:
Using form authentication and loginurl, would it prevent from trying to hack any web page without accessing first Login.aspx? Does it mean that allways allways there will be forced to access Login.aspx first?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-09T01:45:39+00:00

Editorial Team

2026-06-09T01:45:39+00:00Added an answer on June 9, 2026 at 1:45 am

That depends what you mean by “hack”. Default Forms Authentication will redirect any request with no session authentication token to the login page. There are all kinds of session stealing, man-in-the-middle, brute-force, and other varieties of attacks that you may still be vulnerable to.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

In ASP.NET web app, I have login.aspx. I force that every user access through

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply