X-Frames are set to deny

October 14, 2019 139 views


I am facing issue of “Refused to display ’https://website.name’ in a frame because it set ‘X-Frame-Options’ to 'deny’.”

Due to this I am unable to load the content into my website.

Any help would be highly appreciated.

3 Answers

Hi @devsharma871,

You can add to .htaccess, httpd.conf or VirtualHost section

Header set X-Frame-Options SAMEORIGIN

this option should help you fix the problem.


  • Thank you. Can you please let me know about the files location? I am unable to locate the files.

  • Also, when I add the code to .htaccess file, it throws the error of “Deny and Sameorigin - falling back to deny”.

    I have also changed in the ssl-params.conf but nothing seems to be changed.

Also, changing apache2.conf doesn’t change anything at frontend.


Do I need to restart the server as well? If yes, can you please let me know how can I do that ? Also, restarting the server can down my website? if it will then how can I recover that as well?

Please suggest.

  • Hi @devsharma871,

    Adding it to your domain’s virtual host should do the trick. Usually, you can find your virtual host at the following place


    Having said that, you’ll need to restart Apache in order for the changes to take effect.

    To test if your configuration is okay, you can do the following

    apachectl -t

    A little more information, this should be added in the VirtualHost block for the Domain in order to do the trick.

Have another answer? Share your knowledge.