Hello everyone here is my question. I have a login page that I simply do a check against a password table to verify a user. I then set a Session variable. I was originally just was going to change my pages to ASP and do a Session check on that variable to lock down all the other pages that I don't want to be able to type in directly the URL and get to those pages. Now all these pages that I want to lock down are under one directory called Shopper. There are many many pages and to turn all into ASP it would take me a year. Is there anyway I can lockdown the directory or something so anything that is proceeded with http://<my domain>.com/shopper will redirect back to login page if not validated? Thanks