The ‘X Frame Options’ Security header is one of the easier policies to implement. It provides clickjack protection by preventing your website from being shown in <iframes>, <frame> or <object> tags.
By adding the below code to the top of your .htaccess file you’ll ad the ‘X Frame Options’ response header to your site and will only allow your site to be framed by your own domain name.
<IfModule mod_headers.c>Header set X-Frame-Options “sameorigin”
<IfModule mod_headers.c>Disclosure: This post may contain affiliate links which means I may receive a commission for purchases made through links. I will only recommend products that I have personally used! Learn more on my Private Policy page.