Welcome to the Tweaking4All community forums!
When participating, please keep the Forum Rules in mind!
Topics for particular software or systems: Start your topic link with the name of the application or system.
For example “MacOS X – Your question“, or “MS Word – Your Tip or Trick“.
Please note that switching to another language when reading a post will not bring you to the same post, in Dutch, as there is no translation for that post!
[Solved] Clickjacking - Quick fix for Apache or .htaccess files
(@hans)
Famed Member Admin
Joined: 11 years ago
Posts: 2796
Topic starter
April 24, 2020 3:58 AM
Clickjacking is not a new issue, but one that is quite often overlooked, yet super easy to fix.
In Apache you can add the following line to your httpd.conf. This will protect ALL websites on your server:
Header always append X-Frame-Options SAMEORIGIN
Tip: if you're using cPanel/WHM on your webserver, go to:
Home » Service Configuration » Apache Configuration » Include Editor » pre virtual host » select "All versions", and add this line there.
Apache will need to restart.
Alternatively you can add the following to your .htaccess file:
Header append X-FRAME-OPTIONS “SAMEORIGIN”