Prevent Click-jacking

 

Edit the web.config file (Optional)

You can also add the header directly by modifying the web.config file of your website:

  1. Open the web.config file located in your site's root directory.

  2. Add the following code within the <system.webServer> section:

    xml
    <system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="X-Frame-Options" value="DENY" />
        </customHeaders>
    </httpProtocol>
</system.webServer>

    If you want to allow framing only within the same origin, use SAMEORIGIN instead of DENY:

    xml
    <add name="X-Frame-Options" value="SAMEORIGIN" />

  3. Save the web.config file and restart IIS (if necessary) to apply the changes.

Comments

Post a Comment

Popular posts from this blog

Django Journey

Image
15APR2025 python manage.py runserver 0.0.0.0:80 for LAN access python manage.py flush   to restart DB from scratch. pip -V    will confirm if you in the venv 02APR2025 Probably better to use . foldername, while ensuring ,gitignore has this. python -m venv .v env .venv \Scripts\activate pip install django 22FEB2025 python -m venv env env \Scripts\activate pip install django deactivate env \Scripts\activate 13FEB2025 python manage.py makemigrations and then python manage.py migrate python manage.py createsuperuser    python manage.py changepassword < user_name > 06FEB2025 Use the setup instructions for creating a github project in website first, then clone it locally. Now you have  C:\Source\github\bendecko\projectname\ Navigate to that folder and run  django-admin startproject longtermreviews .      (note .) This creates the standard structure: Where my_site is projectname (master) and blog,reviews,user,login etc is modu...
Read more

git journey

28JAN2025 Moving local folders was a breeze!  Close VS code.  Move the folder.  Reopen. Done. git remote -v To check remote folder is correct git remote set-url origin <new-repository-URL> ..if not 23OCT2024 Make sure your .gitignore and .gitattributes files are in place. In VS you can press: CTRL + ' Or in Ubuntu go to the root of the solution in terminal git init git add . git commit -m "Initial commit" Then Create a Repository on GitHub : Go to GitHub and log in. Click on the New button to create a new repository. Name the repository, set it to public or private, and create it. Add the Remote Repository : Copy the repository URL from GitHub and use it to add a remote in your local Git. git remote add origin https://github.com/your-username/your-repository.git Push Your Code : Push your local repository to GitHub. git push -u origin master  (check if master or main) git branch   listed the branch, funnily enough Then later after some code-peddling git...
Read more

ngnix journey

  Step 3: Configure Nginx Server Block Create a directory for the web page (replace with your desired path if needed): sudo mkdir -p /var/www/caputxeta Assign ownership to the current user (replace with your user): sudo chown -R $USER : $USER /var/www/caputxeta Create a simple index.html file for testing: echo "<h1>Welcome to Caputxeta</h1>" > /var/www/caputxeta/index.html Create a new server block configuration file: sudo nano /etc/nginx/sites-available/caputxeta Add the following configuration to the file: server { listen 80; server_name caputxeta.kbytes.net caputxeta.internal.kbytes.net; root /var/www/caputxeta; index index.html; location / { try_files $uri $uri/ =404; } } Enable the site by creating a symbolic link to sites-enabled : sudo ln -s /etc/nginx/sites-available/caputxeta /etc/nginx/sites-enabled/ Test the Nginx configuration for syntax errors: sudo nginx -t Reload Nginx to apply the changes: sudo systemctl r...
Read more