WCF Web service Anonymous Authentication

Question

I have a utility Web service hosted on IIS 7.0 on our site. This service is consumed by desktop clients, and since it's a utility service, the users should be able to access it without entering credentials, so the authentication type is set to Anonymous in IIS.

Now the problem is the service URL is accessible by public, and entering it in the Web browser directs the users to this page:

Even though this doesn't give users any useful information that could be potentially dangerous, it still would be nice if I could hide the page from public access. So is there a way to prevent users from accessing this page but still expose the service itself to public? I know IIS 7 enables URL redirection but I don't know if the request sent from VS when adding a service reference is actually any different from the request sent from the Web browser when entering the URL. Any help is appreciated.

Edit

An option, as discussed in the comments section, is to access the service by creating a ChannelFactory during runtime, but that'd require exposing the contracts to the client, which is what I'm trying to avoid.

Answer 1

I guess what you want to disable is the HTML page. Do it using ServiceDebug element.

<system.serviceModel>
    <behaviors>
        <serviceBehaviors>
            <behavior>
                <serviceDebug httpHelpPageEnabled="false" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>

EDIT: To Disable WSDL:

<serviceMetadata httpGetEnabled="false" />