In order to improve the security of your site against ClickJacking, it is recommended that you add the following header to your site:
It is supported by all browsers and prevents an attacker from iframing the content of your site into others.
This article from Mozilla explains it in detail: On the X-Frame-Options Security Header
Enabling this header
You can enable it by modifying your Apache settings or your
.htaccess file, and adding the following line to it:
<IfModule mod_headers.c> Header always append X-Frame-Options SAMEORIGIN </IfModule>
Or you can enable it automatically on CloudProxy (along with other security headers) by setting "Additional Security Headers " to on. Note that it is enabled by default for all our customers.
If you have any questions, please contact our research team at firstname.lastname@example.org.