When you suucessfully logged in, assign a value to the session. See the code below
Session("Status")= "LoggedIn".
As you said, you use the code Session.Abandon(); which destroy all the session variable including Session("Status").
So in every page load, Use the code.
if(session("Status") != null)
{
response.redirect("Login.aspx");
}
Note that, you cant able to control the browser back button.
when you are succesfully logged out, your session will deleted.
So when you click on the browser back button, it redirects to the previuos page. but if you try to perform any operation, you eill automatically redirected to the login page.
Happy coding.
Please let me know your comments