X-Frame-Options Running a server with DirectAdmin

Posted on by

The following tutorial describes how in just a few seconds to run block headers X-Frame-Options
To begin with what is X-Frame-Options

X-Frame-Options to nagłówek HTTP, Webserver added by the response to the browser request. It has two values:

SAMEORIGIN - only pages from the same domain can "zramkować" this URL
DENY - no party can put in a frame this URL
By using the above header, We avoid nesting boxes on our website, ie attacks:

1
2
3
4
<html>
reklamy, phishing, clickjacking, itp
<iframe src="http://yoursite.com"></iframe>
</html>

Below you how to install for any site from the Panel DirectAdmin.

Log in to the administrative panel on the administrator account then go to the Custom tab and click HTTPD configurations domain that interests us.

then we add:

1
2
3
|*if DOMAIN="serwerweb.pl"|
header always set x-frame-options "DENY"
|*endif|

Save and reload httpd server.
That's it 🙂

How useful this post was?

Click on the star, to evaluate it!

Average grade / 5. number of votes:

So far, no votes! Be the first to rate this post.