All the application pages have_layouts before it. Developers can create various pages for n number of purpose in share point called Form Pages. Share point will not restrict the users from accessing these pages by default. So we need to restrict the access of the application pages.
SharePoint allows this by enabling the feature called ViewFormPagesLockDown. This feature can be activated at the Site Collection level. All the users who is not having the View Application Pages permission will not be able to navigate to pages like _layouts/viewlsts.aspx or pages/forms/allitems.aspx
Go through the below listed steps for blocking the access of application pages:
Check out users to restrict.
Set their permission to "Restricted Read" or remove the View Application Pages from existing assigned permission level.
Enable ViewFormPagesLockDown feature using the command - stsadm -o activatefeature -url
Above command will block all users not having View Application Pages permission from accessing the application pages and form pages.
To deactivate the same feature use cammand- stsadm -o deactivatefeature -url
Above command will deactivate the view access level permission.