Difference between revisions of "Block iframe calls to website to prevent Clickjacking attacks"
m |
m |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Apache web server configuration]] > [[Block iframe calls to website to prevent Clickjacking attacks]] | |||
[[Main Page|Home]] > [[Security tips]] > [[Block iframe calls to website to prevent Clickjacking attacks]] | |||
To block iframe calls to website hosted using apache using HTTP headers use: | To block iframe calls to website hosted using apache using HTTP headers use: | ||
Line 12: | Line 12: | ||
Learn more about this at https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options | Learn more about this at https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Apache web server configuration]] > [[Block iframe calls to website to prevent Clickjacking attacks]] | |||
[[Main Page|Home]] > [[Security tips]] > [[Block iframe calls to website to prevent Clickjacking attacks]] |
Latest revision as of 04:18, 18 April 2022
Home > CentOS > CentOS 6.x > Apache web server configuration > Block iframe calls to website to prevent Clickjacking attacks
Home > Security tips > Block iframe calls to website to prevent Clickjacking attacks
To block iframe calls to website hosted using apache using HTTP headers use:
Header always append X-Frame-Options DENY
configuration. However, if local iframes from site to itself are desired then DENY can be replaced with SAMEORIGIN.
Assuming iframes are not blocked in your browser one can use http://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe to check whether the above setting is successful or not. Simply replace iframe src from w3schools to your own website to test.
Learn more about this at https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Home > CentOS > CentOS 6.x > Apache web server configuration > Block iframe calls to website to prevent Clickjacking attacks
Home > Security tips > Block iframe calls to website to prevent Clickjacking attacks