Prevent back button after logout

Question

I don\'t want the user to go back to secured pages by clicking back button after logging out. In my logout code, I am unsetting the sessions and redirecting to login page.Bu

Answer 1

Avoiding the user to go back is not a good reason and most of all not secure at all.

If you test the user's session before every "admin" action made on the website, you should be fine, even if the user hit the back button, sees the cached page and tries something.

The "ties something" will return an error since the session is no longer valid.

Instead, you should focus on having a really secured back office.