WP noFrame/noClickjacking is a simple (yet) effective iframe breaking plugin that protects your site content from being embedded into other sites.
WP noFrame is a simple (yet) effective plugin that protects your site content from being embedded into other sites - defending you against clickjacking attacks.
WP noFrame adds the X-Frame-Options HTTP response header (DENY) instruction to your root .htaccess in order to prevent your site content from being embedded into other sites.
This plugin was specifically created for Apache based servers. However, the following line of code can be added to your nginx configuration:
If you don't have server level access, you can add the following line of code between the
</head> tag of your pages:
<meta http-equiv="X-FRAME-OPTIONS" content="DENY">
You can pretty much use any web developer tool to view the response headers. Recommended online tool to verify: Header Checker
Please check that you have the Apache mod_rewrite and mod_headers enabled. You can ask your host about this if you are unsure.
The instruction options
Requires: 3.0 or higher
Compatible up to: 4.0.1
Last Updated: 2014-10-14
1 of 2 support threads in the last two months have been resolved.
Got something to say? Need help?