on my platform RoundOF I created some pages for unregistered visitors. Internal content should not be visible to visitors. So I configured the external pages so that no menu is visible. But when I type the URL of an internal page, this page is displayed without login. For instance, I changed the visibility of the "View Profile" page so that Unauthenticated users can not see it. But still the profile images and the menu is displayed. Also, when someone guesses an internal address, he may get the "404" page of the system, which will display the menu. In the menu he could access the search function, and the search function displays internal content to visitors.
How can I block visitors from seeing internal content?