
PainstakinglyBuilt WebsiteIt can be frustrating when the articles you write are mirrored and referenced by other websites. Previously, I sharedmethods for preventing hotlinking in Baota Panel and LNMP, but this method cannot prevent others from referencing your website's content via iframe frames.
How to prevent other websites from referencing your website's content through iframe frames? Here's how:
Restrict References from Other Websites via X-Frame-Options
The X-Frame-Options HTTP response header is used to instruct the browser whether a page can be displayed within a <frame>, <iframe>, <embed>, or <object>. Websites can avoid clickjacking attacks by ensuring they are not embedded into other sites.
X-Frame-Options has the following three values available:
X-Frame-Options:deny// Deny all domain frame references
X-Frame-Options:sameorigin// Only same domain can reference
X-Frame-Options:allow-fromhttps://example.com/ // Only specified domain can reference
Usually, we only need to add X-Frame-Options: sameorigin to solve it.
Implementation Methods for nginx and Baota Panel
If your server uses nginx or Baota Panel, you can add X-Frame-Options: sameorigin through the following method.
In your virtual host's nginx configuration file, add the following code (Baota users' operation path: Website - Settings - Configuration file)
add_header X-Frame-Options SAMEORIGIN always;
Add the code above the line containing the root directive, as shown below:
listen 80; listen 443 ssl http2; server_name blog.naibabiji.com; index index.html index.htm default.html default.htm index.php default.php; add_header X-Frame-Options SAMEORIGIN always; root /www/wwwroot/blog.naibabiji.com;
After adding, restart the nginx service to see the effect.
The command to restart nginx for LNMP one-click package is: /etc/init.d/nginx restart
The path to restart nginx in Baota is: App Store - Search nginx - Click nginx - Restart
Other Setting Methods
If you are not using the nginx service, please refer to the instructions in the following article and follow the steps accordingly.
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/X-Frame-Options
The above content teaches you how to deal with the issue of your website being framed by others during the website building process. If you have other questions, feel free to leave a comment for discussion.