Few weeks ago i was fixing a bug in Sharepoint 2010 project available on the internet. The requirement was to prevent access from authenticated users who knows the special Sharepoint addresses (such as _layouts, etc..).
After some research i found the following post:
This is what the post says:
SharePoint allows this by enabling the feature “ViewFormPagesLockDown”. This feature is activated at the Site Collection scope. All groups / users not having the “View Application Pages” permission will not be able to navigate to pages like “_layouts/viewlsts.aspx” or “pages/forms/allitems.aspx”.
- Identify users / group to restrict.
- Set their permission to “Restricted Read” or remove the “View Application Pages” from existing assigned permission level.
- Enable “ViewFormPagesLockDown” feature using the powershell command (replace the [yoursiteurl] with the right url):
stsadm -o activatefeature -url [yoursiteurl] -filename ViewFormPagesLockDownfeature.xml