Page 1 of 1
Forum

Welcome to the Tweaking4All community forums!
When participating, please keep the Forum Rules in mind!

Topics for particular software or systems: Start your topic link with the name of the application or system.
For example “MacOS X – Your question“, or “MS Word – Your Tip or Trick“.

Please note that switching to another language when reading a post will not bring you to the same post, in Dutch, as there is most likely no translated for the post!




Share:
Notifications
Clear all

Clickjacking - Quick fix for Apache or .htaccess files


 Hans
(@hans)
Noble Member Admin
Joined: 8 years ago
Posts: 1832
Topic starter  

Clickjacking is not a new issue, but one that is quite often overlooked, yet super easy to fix.

In Apache you can add the following line to your httpd.conf. This will protect ALL websites on your server:

Header always append X-Frame-Options SAMEORIGIN

 

Tip: if you're using cPanel/WHM on your webserver, go to:

Home » Service Configuration » Apache Configuration » Include Editor » pre virtual host »  select "All versions", and add this line there.
Apache will need to restart.

 

Alternatively you can add the following to your .htaccess file:

Header append X-FRAME-OPTIONS “SAMEORIGIN”

 


ReplyQuote

Like what you see and you'd like to help out? 

The best way to help is of course by assisting others with their questions here in the forum, but you can also help us out in other ways:

- Do your shopping at Amazon, it will not cost you anything extra but may generate a small commission for us,
- send a cup of coffee through PayPal ($5, $10, $20, or custom amount),
- become a Patreon,
- donate BitCoin (BTC), or BitCoinCash (BCH).

Share: