![\"\"](\"https:\/\/jurn.link\/jurnsearch\/2017\/04\/clickcode.jpg\")
<\/a><\/p>\nSource: Stanford Security Lab<\/a> via a recent blog post by Zipline Interactive<\/a>, where there’s also additional defensive code to add to your website’s root .htaccess file (if you have FTP access and<\/em> your host will allow upload of a changed .htaccess)…<\/p>\n The .htaccess code is ‘as well as’, serving as a second line of deeper defence, and is not required for the first code suggestion to work in your Web page. Most modern Web browsers understand the self-explanatory SAMEORIGIN command when they hear it from a website.<\/p>\n Those with a hosted WordPress blog or journal may also want to consider the Frame Buster plugin<\/a>. So far as I know there’s nothing similar for the Open Journal System (OJS) or Omeka or similar academic content plug-and-play systems. But perhaps there should be, if they don’t already have such counter-measures baked in?<\/p>\n","protected":false},"excerpt":{"rendered":" For your Web page, here’s strong anti-framejacking and anti-clickjacking code, which has been tested and currently busts nasty frame-jackers such …<\/p>\nHeader set X-Frame-Options SAMEORIGIN<\/code><\/p>\n