Finally I managed to look at it. Here is what I am getting:
VM1557:1 Refused to display ‘Welcome dragndropbuilder.com - BlueHost.com’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
Refused to display ‘Welcome dragndropbuilder.com - BlueHost.com’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
Refused to display ‘https://test.domain.com/malware_remover/?windowId=q-app-MalwareRemover-1332&v=3.5.2&date=2019-08-01’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
Looking at here it seems that I have to change the addheader settings here:
(addheader) {
header / {
Strict-Transport-Security "max-age=31536000;"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Referrer-Policy "strict-origin-when-cross-origin"
-Server
}
}
Should I simply take out the X-Frame-Options "DENY" settings or should I do something else? Is there any downside to do so?
Thanks!
EDIT: doing so it resolves the issues. But I do not know if there is any downside.
Reading here it seems there is a more elegant and secure way to do, but I would need some support in case. 