Back to GD Security Headers Forum

Setting up iframe security

Published on: February 6, 2021 at 1:37 pm · By: ajtruckle

I was reading this article

Do I understand that I can resolve clickjacking vulnberability with your plugin?

I installed yours as it was newer (although flags as out of date with my wordpress version).

But i don’t know how to configure it.

Viewing 3 replies - 1 through 3 (of 3 total)
  • #65304


    If you need to enable some of the headers only, they are listed in the few settings panel. For each header, there is an explanation of what it is for. If you need to enable the ‘X-Frame-Options’ header, it is in plugin Settings -> More Headers. If you are using Apache server for WordPress, I recommend enabling it.HTACCESS support via Settings -> Global too.


    Dev4Press - Premium plugins for WordPress.

  • #65308


    I am using Apache servers and I was able to set this up to resolve the vulnerability. Thank you. Are you able to update your plugin to suppress the warning about it not being tested in latest versions of WordPress? It just looks better from a potentials users perspective to not see warning like that.

    I have 3 sub domains that are outside of WordPress and they too are vulnerable to clickjacking. They are help documentation systems so no need for WordPress or Gravatar. Are you able to offer a feature for setting a .htaccess file for sub domains?


  • #65312

    Sorry, the plugin works with WordPress .htaccess file, it can’t access anything outside of it.

    Dev4Press - Premium plugins for WordPress.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Setting up iframe security’ is closed to new replies.