X-Frame-Options Running a server with DirectAdmin
The following tutorial describes how in just a few seconds to run block headers X-Frame-Options
To begin with what is X-Frame-Options
X-Frame-Options to nagłówek HTTP, Webserver added by the response to the browser request. It has two values:
SAMEORIGIN - only pages from the same domain can "zramkować" this URL
DENY - no party can put in a frame this URL
By using the above header, We avoid nesting boxes on our website, ie attacks:
1 2 3 4 | <html> reklamy, phishing, clickjacking, itp <iframe src="http://yoursite.com"></iframe> </html> |
Below you how to install for any site from the Panel DirectAdmin.
Log in to the administrative panel on the administrator account then go to the Custom tab and click HTTPD configurations domain that interests us.
then we add:
1 2 3 | |*if DOMAIN="serwerweb.pl"| header always set x-frame-options "DENY" |*endif| |
Save and reload httpd server.
That's it 🙂