Implement X-FRAME-OPTIONS in HTTP headers to prevent Clickjacking attacks
Clickjacking is a well-known web application vulnerability.
For example, it was used as an attack on X (formerly known as Twitter).
The X-Frame-Options header prevents your site's content from being embedded into other sites.
Did you ever try to embed Google.com on your website as a frame?
You can't, because it's protected, and you can protect your site too.
Refer to this article for the CSP header.
However, you can achieve this by adding the following line to the .htaccess file.
The change is reflected immediately, without any restart.
Verification
You can use any web developer tool to view the response headers.
You can also use an online tool, Header Checker, to verify.
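As an added example (not part of the original article), the Python script below performs the same verification offline on raw response headers, checking both X-Frame-Options and the CSP `frame-ancestors` directive. The function names and the sample responses are constructed for illustration.

```python
# Added example; the sample responses are constructed for illustration.
SAMPLES = {
    "sameorigin": "HTTP/1.1 200 OK\nX-Frame-Options: SAMEORIGIN\n\n<html>",
    "allow_from": "HTTP/1.1 200 OK\nX-Frame-Options: ALLOW-FROM https://partner.example\n\n",
    "csp_self": "HTTP/1.1 200 OK\nContent-Security-Policy: default-src 'self'; frame-ancestors 'self'\n\n",
    "csp_star": "HTTP/1.1 200 OK\nX-Frame-Options: DENY\nContent-Security-Policy: frame-ancestors *\n\n",
    "none": "HTTP/1.1 200 OK\nContent-Type: text/html\n\n",
}

def parse_headers(raw):
    """Parse a raw HTTP response head into {lowercased-name: [values]}."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:    # skip the status line
        if not line.strip():
            break                                # blank line ends the head
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def frame_ancestors(csp_values):
    """Return the source list of the first frame-ancestors directive, or None."""
    for policy in csp_values:
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == "frame-ancestors":
                return parts[1:]
    return None

def framing_verdict(raw):
    """Classify a response as 'protected', 'weak' or 'missing'."""
    h = parse_headers(raw)
    xfo = [t.strip().upper() for v in h.get("x-frame-options", []) for t in v.split(",")]
    fa = frame_ancestors(h.get("content-security-policy", []))
    if fa is not None:
        # Browsers that enforce frame-ancestors ignore X-Frame-Options,
        # so a wildcard here permits framing even next to "DENY".
        return "weak" if "*" in fa else "protected"
    if xfo and all(v in ("DENY", "SAMEORIGIN") for v in xfo):
        return "protected"
    if xfo:
        # ALLOW-FROM is obsolete and unrecognised values are not a
        # dependable control: flag the response for review.
        return "weak"
    return "missing"

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:12} {framing_verdict(raw)}")
```

To check a live site, save the response head with your usual HTTP client and pass the text to `framing_verdict`.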
How did it go?
If you are running an online business, then you may consider using Cloud WAF for all-in-one security protection and monitoring.