Preventing / Blocking Page Review after Logout with Forms Authentication

After logging out we can prevent getting previous page or information by doing following things.

Add Code to Page Load event:
—————————–

Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1));
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetNoStore();

Or We can use following code

Page.Response.AppendHeader("Cache-Control", "no-store, no-cache, must-revalidate, post-check=0, pre-check=0");

Add Code to Log out Button:
—————————–

Session.Abandon();
//Session["IsLogedIn"] = "0"; //set your session status
//Response.Redirect("set your log in page");

You can download sample project on it.

  • MD. Mahedi Hasan

    Thanks, this is really effective code against my problem. thanks again

  • Sarat

    Hey there,
    I have tried the Session.Abandon() in the login page load and also in Log out page load, but after executing and after logging out when I press back button on the browser it is displaying the last page I have executed not the Login page Y??

  • Sarat

    I just want to know code for preventing getting previous page After logging out using sessions apart from Session.Abandon

  • hi sarat,

    At first you have to create a session where you can check is user loged in or not. if user is not loged in then redirect him to log in page.

    How??
    =====
    1. Add a Global.asax on your site.
    2. Add following code to your Global.asax file.

    protected void Session_Start(object sender, EventArgs e)
    {
    // This session is used for checking is user loged in or not.
    Session.Add("isLogIn", "");
    }

    3. Then add following code on your page load event

    Page.Response.AppendHeader("Cache-Control", "no-store, no-cache, must-revalidate, post-check=0, pre-check=0");

    if (Session["isLogIn"].ToString () != "1")
    {
    Response.Redirect("your login page.aspx");
    }

    4. Then add following code to logout button
    Session["isLogIn"] = "0";
    Session.Abandon();
    Response.Redirect("Default.aspx");

    I have attached a simple project with my post. Please check it.

    • bazith

      Lot of thanks for your Solution….