F5 irule to Protect Clickjacking Attack using X-FRAME-OPTIONS

Secure Clickjacking Attack with X-Frame-Options using F5 iRule

There are multiple ways to add X-Frame-Options header in your web applications. However, implementing through F5 load balancer is probably the easiest one.

By doing at a network edge using F5 iRule give you the advantage of making changes no fly.

That’s right; you don’t need to restart any services hence no downtime.

There are three settings for X-Frame-Options:

To implement in F5 irule

when HTTP_RESPONSE {  HTTP::header insert "X-FRAME-OPTIONS" "SAMEORIGIN"  }

To verify

Use browser’s inbuilt developer tools to examine the response headers or online using HTTP Header checker tool.

You see it’s three-line which does the job!