Our site has been working fine for years - all anonymous access. On google someone was able to see our login screen and the managers would like it to be not visible from our website. Is there a way to block its visibility?
Yes, add all the deny rules first and then allow. If still not working, change the dispatcher log level to DEBUG and check the logs when you hit the URL. It should tell you which rule is being used to allow/deny the URL.
to the dispatcher.any files on my two servers, rebooted the servers, deleted the old files from the cache on the servers and from my local browser cache and tried the url again - but it still allowed me access. (The url on google is the bottom one, which is why I added that as well).
Perhaps I should add them higher up in the list of rules?