OK here is my question in another turn around I have a sub-domain (ex: test.aio.com) that contains HTML files in folders and sub folders , I need to restrict access to these files if the user is not authenticated .
the authentication is made on site: (aio.com) ,everything is working fine , I have disabled folder browsing in IIS , but users can still type the url of the subdomain / foldername/filename.html and they can access the files.......
how can i restrict access to the HTML files if user is not authenticated ???