Logo 
Search:

Sharepoint 2010 Articles

Submit Article
Home » Articles » Sharepoint 2010 » Community AdvancementRSS Feeds

How to Ho to secure external anonymous access to SharePoint 2010 sites

Posted By: Destin Joy     Category: Sharepoint 2010     Views: 7874

How to Ho to secure external anonymous access to SharePoint 2010 sites

In this article I am describing about securing anonymous access in SharePoint 2010 sites. This is a pain for most of the organization when dealing with public facing anonymous access sites. In this article I also cover about how to secure _layout folders also.

If you're developing an anonymously accessible SharePoint website, especially an internet-facing one, you may have noticed that you’re SharePoint Forms pages are also accessible to anonymous users. For example http://SERVER/_layouts/viewlsts.aspx, _vti_bin web services etc.  Typically we don't want this, so how do you prevent anonymous users from accessing these pages? The below steps will help you to do it.This feature is known as lock down feature which is by default enabled for publishing sites.

To enable this feature

  1. First remove all anonymous access from the site.
  2. Then open command prompt and go to the folder C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN
  3. First check whether the feature is activated or not you can use the below command to check the same
  4. get-spfeature -site http://url
  5. If ViewFormPagesLockDown is listed, it's enabled.
  6. If not listed you have to enable it with the below command

To activate the Activate Feature:

  1. stsadm -o activatefeature -url -filename ViewFormPagesLockDown\feature.xml

De-Activate Feature:

  1. stsadm -o deactivatefeature -url -filename ViewFormPagesLockDown\feature.xml

Even when lockdown mode is enabled, anonymous users can still access certain SharePoint Server application URLs, such as pages in the _layouts directory and Web services that are exposed in the _vti_bin directory. So, to increase security, you should enable lockdown mode and also modify the Web.config file. With the following XML element

 

<addpath="configuration">

    <locationpath="_layouts">

      <system.web>

        <authorization>

          <denyusers="?" />

        </authorization>

      </system.web>

    </location>

 

    <locationpath="_vti_bin">

      <system.web>

        <authorization>

          <denyusers="?" />

        </authorization>

      </system.web>

    </location>

 

    <locationpath="_layouts/login.aspx">

      <system.web>

        <authorization>

          <allowusers="?" />

        </authorization>

      </system.web>

    </location>

 

    <locationpath="_layouts/error.aspx">

      <system.web>

        <authorization>

          <allowusers="?" />

        </authorization>

      </system.web>

    </location>

 

    <locationpath="_layouts/accessdenied.aspx">

      <system.web>

        <authorization>

          <allowusers="?" />

        </authorization>

      </system.web>

    </location>

 

 

 

Share: 



Destin Joy
Destin Joy author of How to Ho to secure external anonymous access to SharePoint 2010 sites is from Pathanamthitta, India. Destin Joy says

 Hello Everyone,

I am Destin Joy from India I have MCPD in SharePoint 2010, MCTS SharePoint 2010 application development and MCTS in SharePoint 2007. I am mostly working in  core part of SharePoint (2010-2007) and passionate about new Microsoft technologies. Born and brought up in Kerala You can reach me  @ Destin.Joy@hotmail.com

 

 
View All Articles

 
Please enter your Comment

  • Comment should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
No Comment Found, Be the First to post comment!