As you know, in SharePoint 2010, users can anonymously access sites, lists, and libraries. But in SharePoint 2013, you can configure a limited access list and library with limitations pertaining to anonymous users. What this means is that although anonymous can access a site, they can’t access your list and/or library. This feature is called Limited-access user permission lockdown mode.
Here are the steps involved to show how it works:
- Enable anonymous access for Web application in Central Admin (Central Admin > Manage Web Applications > Authentication Providers) checking the checkbox:
- Grant rights to anonymous users of the site collection in Site Permissions selecting the Entire Web site radio button:
- Grant sitewide rights to anonymous users in Library / List (if needed):
- Before activating the Limited-access user permission lockdown mode feature, anonymous users can view and access any library or list on the site:
- After activating the feature, as you will see, anonymous users cannot access any library or list which wasn’t explicitly set to allow anonymous access (and can view the site only).