Topic

I was reading this article

https://support.pagely.com/hc/en-us/articles/360038683052-Enabling-Clickjacking-Protection-X-Frame-Options-in-WordPress

Do I understand that I can resolve clickjacking vulnberability with your plugin?

I installed yours as it was newer (although flags as out of date with my wordpress version).

But i don’t know how to configure it.

Topic Information

Topic Type:

General Question

PHP Version:

7.4

WordPress Version:

5.5

Plugin Version:

1.4

Demo URL:

Replies

Hi,

If you need to enable some of the headers only, they are listed in the few settings panel. For each header, there is an explanation of what it is for. If you need to enable the ‘X-Frame-Options’ header, it is in plugin Settings -> More Headers. If you are using Apache server for WordPress, I recommend enabling it.HTACCESS support via Settings -> Global too.

Regards,
Milan

Dev4Press - Premium plugins for WordPress.

Hi

I am using Apache servers and I was able to set this up to resolve the vulnerability. Thank you. Are you able to update your plugin to suppress the warning about it not being tested in latest versions of WordPress? It just looks better from a potentials users perspective to not see warning like that.

I have 3 sub domains that are outside of WordPress and they too are vulnerable to clickjacking. They are help documentation systems so no need for WordPress or Gravatar. Are you able to offer a feature for setting a .htaccess file for sub domains?

Thanks.

Sorry, the plugin works with WordPress .htaccess file, it can’t access anything outside of it.

Dev4Press - Premium plugins for WordPress.