Remediation Steps

Follow the steps below to remediate this finding on Drupal.

  1. Install and enable the Security Kit (SecKit) module:

    composer require drupal/seckit
    drush en seckit

  2. Navigate to Admin > Configuration > System > Security Kit.

  3. Under the "Clickjacking" section, enable X-Frame-Options and set the value to SAMEORIGIN.

  4. Save the configuration.
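
To confirm the setting took effect, check the response headers the site now sends. The script below is an added example, not part of the original steps or of the SecKit module; the function name `check_xfo`, the sample responses and the `https://example.com/` URL are placeholders constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the X-Frame-Options response header after the change.
# check_xfo reads raw response headers on stdin, prints a verdict, and
# returns 0 only when exactly one header with the value SAMEORIGIN is present.
check_xfo() {
    tr -d '\r' | awk '
        {
            i = index($0, ":")
            if (i == 0) next                      # status line or blank line
            if (tolower(substr($0, 1, i - 1)) != "x-frame-options") next
            v = toupper(substr($0, i + 1))        # value is case-insensitive
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            n++
            val = v
        }
        END {
            if (n == 0) { print "MISSING"; exit 1 }
            if (n > 1)  { print "DUPLICATE"; exit 1 }   # set in more than one place
            if (val == "SAMEORIGIN") { print "OK"; exit 0 }
            print "UNEXPECTED:" val
            exit 1
        }'
}

# Constructed sample responses (not captured from a real site).
SAMPLE_FIXED='HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
x-frame-options: sameorigin
'
SAMPLE_UNFIXED='HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
'

printf '%s' "$SAMPLE_FIXED"   | check_xfo || true    # prints OK
printf '%s' "$SAMPLE_UNFIXED" | check_xfo || true    # prints MISSING

# Against a live site (placeholder URL): curl -sI https://example.com/ | check_xfo
```

A `DUPLICATE` verdict means the header appears more than once in the response and should be reviewed so that only one source sets it.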