X-Frame-Options is not working in meta tag?

VR Patel picture VR Patel · Aug 2, 2017 · Viewed 13.8k times · Source

I want to restrict my site content to be used in other domains through iframe control. The recommented meta tag i.e <meta http-equiv="X-Frame-Options" content="deny"> is not working. What can i do?

Answer

Simonluca Landi picture Simonluca Landi · Aug 2, 2017

You can't set X-Frame-Options in a metatag, only using the HTTP header.

read more here:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

For example, if you are using Apache, you should add a line like this in the .htaccess file

Header set X-Frame-Options DENY