I have generally use AntiForgeryToken for prevents external get requests. So no one can access outside.
Suppose, we are having AntiForgeryToken in our Html.BeginForm in View.
When we submit form, we sends data to your Controller method. If method has ValidateAntiForgeryToken attribute, it validates if data we are sending has our ForgeryToken.ForgeryToken is generated once per session.
public ViewResult Action_Method()