On the internal main page, create “log-off” or “exit” link. In code behind of the same page write sub to disable browser back button, like this:
[ Control-Panel.aspx.vb ]
Protected Overloads Overrides Sub OnPreRender(ByVal e As EventArgs)
'/ disable back button MyBase.OnPreRender(e) Dim strDisAbleBackButton As String strDisAbleBackButton = "<script language='javascript'>" & vbLf strDisAbleBackButton += "window.history.forward(1);" & vbLf strDisAbleBackButton += vbLf & "</script>" ClientScript.RegisterClientScriptBlock(Me.Page.[GetType](), "clientScript", strDisAbleBackButton) End Sub
In form section of the Close-Session.aspx write this code:
[ Close-Session.aspx ]
form id=" form1 " runat=" server "> <% Session.Abandon() Session.Remove( "Name" ) Response.Redirect( "Your-Page.aspx" ) %> </form
Once you kill the session and redirect user to different page, user will not be able to use back button to go to previous page, and in order to access protected pages user will need to login again and create new session.