• Resolved dragonweb

    (@dragonweb)


    Hi there,

    A couple of clients got emails from ‘ethical hackers’ saying that their sites were vulnerable to tabnabbing and clickjacking, respectively.

    Will installing this plugin and setting at the default settings help with those things?

    Thank you!

Viewing 1 replies (of 1 total)
  • Plugin Author Andrea Ferro

    (@unicorn03)

    Hi @dragonweb,

    Thank you for reaching out!

    The Headers Security Advanced & HSTS WP plugin provides robust protection against a variety of web vulnerabilities by implementing key security headers, including measures that mitigate risks associated with Clickjacking and Tabnabbing.

    • Clickjacking: The plugin includes the X-Frame-Options header, which helps prevent your site from being embedded in iframes by malicious actors, effectively reducing the risk of clickjacking.
    • Tabnabbing: The plugin can set rel="noopener noreferrer" for external links, which is a common mitigation strategy for tabnabbing attacks.

    By using the default settings, your clients’ sites will benefit from increased protection. However, I recommend reviewing and customizing the settings to align with your specific security requirements.

    If you have further questions or need assistance, feel free to ask!
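
To confirm the two mitigations named in the reply are actually present on a client site, the response headers and page markup can be audited. This is an added example, not part of the thread and not the plugin's code; the function names, the `.example` hosts and the sample response are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkAudit(HTMLParser):
    """Collect external target="_blank" links lacking rel="noopener"/"noreferrer"."""
    def __init__(self, site_host):
        super().__init__()
        self.site_host, self.unsafe = site_host, []

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "area"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = urlparse(a.get("href", "")).hostname
        external = host is not None and host != self.site_host
        rel = set(a.get("rel", "").lower().split())
        # noreferrer also implies noopener behaviour per the HTML standard
        if external and a.get("target", "").lower() == "_blank" and not rel & {"noopener", "noreferrer"}:
            self.unsafe.append(a["href"])

def framing_protected(headers):
    """True if X-Frame-Options or CSP frame-ancestors restricts who may frame the page."""
    h = {k.lower(): v for k, v in headers.items()}
    if h.get("x-frame-options", "").strip().upper() in ("DENY", "SAMEORIGIN"):
        return True  # ALLOW-FROM is obsolete and ignored by current browsers
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.lower().split()
        if parts and parts[0] == "frame-ancestors":
            # Conservative: an empty list or a wildcard/scheme-only source counts as unprotected
            return bool(parts[1:]) and not set(parts[1:]) & {"*", "http:", "https:"}
    return False

def audit(headers, html, site_host):
    """Return both findings for one fetched page (headers dict plus HTML body)."""
    parser = LinkAudit(site_host)
    parser.feed(html)
    return {"framing_protected": framing_protected(headers), "unsafe_links": parser.unsafe}

# Constructed sample response for a hypothetical site at shop.example
SAMPLE_HEADERS = {"Content-Type": "text/html", "X-Frame-Options": "SAMEORIGIN"}
SAMPLE_HTML = """
<a href="https://partner.example/offer" target="_blank">Partner</a>
<a href="https://docs.example/guide" target="_blank" rel="noopener noreferrer">Docs</a>
<a href="/contact" target="_blank">Contact</a>
"""

if __name__ == "__main__":
    print(audit(SAMPLE_HEADERS, SAMPLE_HTML, "shop.example"))
```

Run it against headers and HTML saved from the live site after the plugin is enabled; any entry in `unsafe_links` is an external link the rewrite did not cover.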
