Search

MachPanel Knowledgebase


HOW TO:Protecting Your Website From ClickJacking

4 Years Ago
Rehan Waseem
MachPanel

Summary

This article provides information on how to Protect your Website from ClickJacking.

Applies To

This article applies to MachPanel v6 and above.

Steps and Procedure

To protect website from clickjacking, it is required to append a Content Security Policy header to the HTTP response with frame-ancestors directive sent by web server.

Custom header can be added to a website in IIS as shown below.

 

 

Inside ‘Value’ for ‘frame-ancestors’ multiple values can be specified separated by white space like below

Frame-ancestors ‘self’ ‘https://*.jquery.com’ ‘https://www.example.com’ ‘https://*.providesupprot.com’;

For Machpanel add as below

frame-ancestors ‘self’ ‘https://*.duosecurity.com’ ‘https://app.powerbi.com’

References

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

https://content-security-policy.com/

https://portswigger.net/web-security/cross-site-scripting/content-security-policy



Share Article

On a scale of 1-5, please rate the helpfulness of this article



Not Helpful
Very Helpful
Optionally provide additional feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Type: HOW TO
Level: Beginner
Last Modified: 4 Years Ago
Last Modified By: rehan_waseem
Article not rated yet.
Article has been viewed 1.9K times.
Options
Print Article
Export As PDF
Also In This Category
Customer Support Software
Execution: 0.000. 8 queries. Compression Disabled.