Prevent users from accessing Site Settings application page

Just this week, I accidentally found out that users were able to access Site Settings page, with some sections open out publicly accessible, for example the Regional Settings column! This raise a security threat as we don’t want users to be able to touch these settings. After much digging, I realised it’s because one custom permission that was created for the users have “Browser Directories” permission checked. Once this is unchecked, then they are denied from accessing the setting page.

Categories: Sharepoint 2010