Difference between revisions of "Block iframe calls to website to prevent Clickjacking attacks"
From Notes_Wiki
(Created page with "<yambe:breadcrumb>Apache_web_server_configuration|Apache web server configuration</yambe:breadcrumb> <yambe:breadcrumb>Security tips</yambe:breadcrumb> =Block iframe calls to ...") |
(No difference)
|
Revision as of 04:17, 1 March 2013
<yambe:breadcrumb>Apache_web_server_configuration|Apache web server configuration</yambe:breadcrumb> <yambe:breadcrumb>Security tips</yambe:breadcrumb>
Block iframe calls to website to prevent Clickjacking attacks
To block iframe calls to website hosted using apache using HTTP headers use:
Header always append X-Frame-Options DENY
configuration. However, if local iframes from site to itself are desired then DENY can be replaced with SAMEORIGIN.