How to protect a website from clickjacking

Follow

Comments

2 comments

  • Avatar
    EB

    Hello, I followed these instructions (3. Apache with nginx as reverse proxy server:) and it caused caused my front-end to return a 403 Forbidden nginx. Bizarrely, it auto-downloads the index.php every time I try to reload.

    Using Onyx 17.8.11 on debian 9. Site is set to run PHP as FPM application served by Apache (default installation), but inspect reveals server is nginx. Any suggestions? 

    0
    Comment actions Permalink
  • Avatar
    Leonid Gukhman

    @EB 
    Hi, try removing the 'always' in the directive. The article has been modified accordingly.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request