You can add security in global.asax by checking URL in
"Application_BeginRequest".
string[] blacklist = new string{};
foreach (var item in blacklist)
{
if(Request.Url.AbsoluteUri.Contains(item))
}
this code check url contains some unwanted and harmfull keywords to website like SQLInjection etc.
then you can create your own Role and User Management or user ASP.Net Membership for authentication on each page.