Remediation Steps

Follow the steps below to remediate this finding on Apache webserver.

1. Make sure that the headers module is loaded:

   sudo a2enmod headers

2. Add the following code to the apache2.conf file:

   <IfModule mod_headers.c>        Header always set X-Frame-Options "SAMEORIGIN"</IfModule>