We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda WAF-as-a-Service

Clickjacking Protection

  • Last updated on

Clickjacking (also known as UI redressing and iframe overlay) is a malicious technique where a user is tricked into clicking on a button or link on a website using hidden clickable elements inside an invisible iframe. This attack hijacks clicks intended for the visible page and routes the user to an application and/or domain on another page. The Barracuda Web Application Firewall as a Service uses the X-Frame-Options HTTP response header to detect and prevent iframe-based clickjacking. The X-Frame-Options header is inserted to indicate whether a browser should be allowed to render a page in a iframe, and if allowed, the iframe origin that needs to be matched.


Note: If your website is rendered inside a iframe, do not enable clickjacking protection because it will prevent rendering the website inside the iframe. To prevent this issue, clickjacking protection is not enabled by default.

Last updated on