Block iframe calls to website to prevent Clickjacking attacks
From Notes_Wiki
<yambe:breadcrumb>Apache_web_server_configuration|Apache web server configuration</yambe:breadcrumb> <yambe:breadcrumb>Security tips</yambe:breadcrumb>
Block iframe calls to website to prevent Clickjacking attacks
To block iframe calls to website hosted using apache using HTTP headers use:
Header always append X-Frame-Options DENY
configuration. However, if local iframes from site to itself are desired then DENY can be replaced with SAMEORIGIN.