WP noFrame/noClickjacking is a simple (yet) effective frame breaking plugin that protects your site content from being embedded into other sites.
| Author: | RSPublishing (profile at wordpress.org) |
| WordPress version required: | 3.0 |
| WordPress version tested: | 4.2.2 |
| Plugin version: | 1.3 |
| Added to WordPress repository: | 21-05-2014 |
| Last updated: | 18-06-2015
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|
| Rating, %: | 86 |
| Rated by: | 3 |
| Plugin URI: | http://yooplugins.com/ |
| Total downloads: | 3 916 |
| Active installs: | 500+ |
 Click to start download |
|
WP no-iFrames (Content Protection) is a simple, yet effective iframe breaking plugin that will protect your site content from being embedded into other sites - effectively defending you against clickjacking attacks.
This lightweight plugin will add the Header always append X-Frame-Options SAMEORIGIN rule to your root .htaccess file - where the SAMEORIGIN rule will allow embeds only from YOUR site and prevent embeds from ANY other domains.
The X-Frame-Options headers are however, available in 3 flavors (should you wish to not use the DENY rule):
- DENY: will prevent ALL domains from framing the content (including your own)
- SAMEORIGIN: only allows the current domain (your own) to frame the content
- ALLOW-FROM uri: which only allows a specified uri to frame the content
The SAMEORIGIN rule is simply replaced by either one of the aforementioned headers and can be done directly in your root .htaccess file
This is a lightweight plugin - simply install and leave. Try it for yourself!
The WP no-iFrames (Content Protection) plugin is maintained by YOOPlugins.com and WP Emergency Room