A quick explenation of how todo a user logoff in asp.net while using forms authentication.

It is actually very simple. All you need is to create a logout.aspx page and add the following code. Then to logoff any users from anywhere in your application simply link to the page /Logout.aspx

public partial class Logout : AppPage
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (User.Identity.IsAuthenticated)
        {
            Session.Clear();
            FormsAuthentication.SignOut();
            Response.Redirect("Logout.aspx");
        }
    }
}

I made a couple of different posts involving asp.net http modules but never explained how to install them. The modules were to block web site access by ip address and also another to block postbacks based on files requested both of these were to filter backlink spam and to cut it at source. The ip addrss blocking was not so successful though it was effective. The blocking of postbacks seem to be having great success and one week later I have only seen around 1-2 spam items make it though the filter.

Installing this modules is actually pretty simple. You would need to create a new project in visual studio for a class dll and add the correct references until it compiles. eg System, System.Web, System.Data, System.Core and of course any other references that are required. It is possible to create these external to any asp.net project then add them to any asp.net application.

More...

I was previously trying to prevent comment spam by blocking access by ip address. However it does appear that this really isn't very suitable. The amount of comment spam did drop from around 500-600 items per day to around 40 - 60. So it just is not effective enough and you also run the risk of blocking valid users from accessing the content on the site.

I have now come up with a new method which is a much safer and does not require the overhead of using a database. I decided to look into the web server logs and noticed that the clients are bots and not really web browsers they only request then postback a valid page in an attempt to get the comments to appear on the site. So this new approach uses this to an big advantage.

More...

Looks like the scammers are not the only people who don't tend to check their software properly before blasting the crap out across the internet. This has to be one of the worst scam attempts I have seen yet. They actually forgot to populate the links to click on in the email ....

<a rel="nofollow"><font color="#f1823b">View   Statement</font></a>

Looks like a new type of ebay scam has appeared. It looks like they are now trying to convince you to answer a question for a product that you a probably not currently selling with a fake link to a site attempting to steal your login details.