Benim web admin alanında çok basit bir mantık kullanarak adres:

session_start(); ob_start();
if(!isset($_SESSION['user'])){
    header("Location: login.php");
}
contents...
ob_end_flush();

Yes this is working perfect, redirect to login page. But the comic point is that I can see the content of index.php (that protected!!!) here What is wrong?