Rich's IT Blog

Sharing the joy of DevOps and Coffee

Month: June 2016

Securing Apache X-Frame-Options

Issue If specific origins are not listed or set to DENY, or SAMEORIGIN, a site can be vulnerable to embedded 3rd party code on embedded frames or embedded iframes. Remediation Options For servers running Apache web server, this can be addressed by adding the line below to the apache2.conf/httpd.conf file […]