Should methods in a web app be public or internal?

Question

Within the scope of a web application, what are the implications of declaring a method's accessibility to be public vs. internal?

Web applications typically contain methods used only within the application itself. For example, an ecommerce web site may contain a method to retrieve a user's order history. Along the lines of:

public List<Orders> RetrieveOrders() {
    //code goes here
}

If this method was contained within a class library, the significance of public and internal access modifiers is fairly straightforward; public methods would be accessible outside of the library itself, internal methods would not.

Is there any practical difference when it comes to web applications?

EDIT: My question has been suggested to be a duplicate of What is the difference between Public, Private, Protected, and Nothing?. I am not asking for an explanation of access modifiers. I am asking whether there is any significance for access modifiers on methods within a web site specifically.

Answer 1

In general public should be limited to externally visible methods - this includes public API and methods that must be exposed dues to technical restrictions (i.e. classes for ASP.Net pages).

In case of web application there is generally no "public API" as such libraries generally are not expected to be consumed by external users.

So mostly there is no practical differences between internal and public for web application development. You gain some minor convenience for using only public as you no longer need to have InternalsVisibleTo attributes for unit tests.

More discussions: public vs. internal methods on an internal class, internal vs public in c#

Side note: ASP.Net MVC web site is a class library - so all discussions about access modifiers related to class libraries applies to ASP.Net MVC/WebAPI sites.