Home Experience & Tips Sharing Standard Post

Standard Post

Methods to Prevent Websites from Being Mirrored or Referenced via iframe by Other Sites

It's frustrating if your hard-built website and written articles are mirrored and referenced by other websites. Previously, I shared methods for hotlink protection using Baota and LNMP, but this method cannot prevent others from referencing your website's content via iframe frames. How to prevent other websites from referencing your website's content through iframe frames? Here's how: Through X-...

Updated on November 1, 2019 About 3 minutes reading
网站防止被其他站iframe框架引用镜像的方法

PainstakinglyBuilt WebsiteIt can be frustrating when the articles you write are mirrored and referenced by other websites. Previously, I sharedmethods for preventing hotlinking in Baota Panel and LNMP, but this method cannot prevent others from referencing your website's content via iframe frames.

How to prevent other websites from referencing your website's content through iframe frames? Here's how:

Restrict References from Other Websites via X-Frame-Options

The X-Frame-Options HTTP response header is used to instruct the browser whether a page can be displayed within a <frame>, <iframe>, <embed>, or <object>. Websites can avoid clickjacking attacks by ensuring they are not embedded into other sites.

X-Frame-Options has the following three values available

X-Frame-Options:deny// Deny all domain frame references

X-Frame-Options:sameorigin// Only same domain can reference

X-Frame-Options:allow-fromhttps://example.com/ // Only specified domain can reference

Usually, we only need to add X-Frame-Options: sameorigin to solve it.

Implementation Methods for nginx and Baota Panel

If your server uses nginx or Baota Panel, you can add X-Frame-Options: sameorigin through the following method.

In your virtual host's nginx configuration file, add the following code (Baota users' operation path: Website - Settings - Configuration file)

add_header X-Frame-Options SAMEORIGIN always;

Add the code above the line containing the root directive, as shown below:

listen 80;
listen 443 ssl http2;
server_name blog.naibabiji.com;
index index.html index.htm default.html default.htm index.php default.php;
add_header X-Frame-Options SAMEORIGIN always;
root /www/wwwroot/blog.naibabiji.com;

After adding, restart the nginx service to see the effect.

The command to restart nginx for LNMP one-click package is: /etc/init.d/nginx restart

The path to restart nginx in Baota is: App Store - Search nginx - Click nginx - Restart

Other Setting Methods

If you are not using the nginx service, please refer to the instructions in the following article and follow the steps accordingly.

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/X-Frame-Options

The above content teaches you how to deal with the issue of your website being framed by others during the website building process. If you have other questions, feel free to leave a comment for discussion.

5/5 - (1 vote)
Previous Several Methods for Users to Set Their Own Password During WordPress Website Registration Continue reading content around the same timeline. Next How to Make a WordPress Website Support Google Chrome PWA Applications View the next related tutorial or experience.

AI Website Building Assistant

🤖
Hello! I am the Naibabiji AI Assistant. How can I help you?
Quick Consultation: