Diffstat (limited to 'puppet/modules/site_apache/files/conf.d/security')
-rw-r--r--puppet/modules/site_apache/files/conf.d/security5
1 files changed, 5 insertions, 0 deletions
diff --git a/puppet/modules/site_apache/files/conf.d/security b/puppet/modules/site_apache/files/conf.d/security
index 11159f48..a5ae5bdc 100644
--- a/puppet/modules/site_apache/files/conf.d/security
+++ b/puppet/modules/site_apache/files/conf.d/security
@@ -48,3 +48,8 @@ ServerSignature Off
#TraceEnable Off
TraceEnable On
+# Setting this header will prevent other sites from embedding pages from this
+# site as frames. This defends against clickjacking attacks.
+# Requires mod_headers to be enabled.
+#
+Header set X-Frame-Options: "DENY"
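Review bot: The added `Header set X-Frame-Options: "DENY"` writes to mod_headers' default `onsuccess` table, so non-success responses such as Apache's own error documents are sent without the header and can still be framed. `Header always set X-Frame-Options "DENY"` would cover those responses as well. The directive is also unguarded, so Apache will refuse to start if mod_headers is not loaded; failing loudly is preferable to an `<IfModule>` wrapper that would silently drop the protection, but the Puppet module should then ensure mod_headers is enabled, which is not visible in this hunk. Separately, the context line `TraceEnable On` looks out of place in a hardening file and may be worth revisiting in a follow-up.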