How to block website from loading in iframe?

@arnoldo.moen 

To block a website from loading in an iframe, you can use the X-Frame-Options header in your website's server configuration. This header defines whether a website can be displayed in an iframe.

To prevent a website from being loaded in an iframe, you can set the X-Frame-Options header to 'DENY' or 'SAMEORIGIN'.

For example, if you want to block a website (example.com) from being loaded in an iframe on your website, you can add the following line to your server configuration file:

Header set X-Frame-Options DENY

Alternatively, you can use the Content-Security-Policy header to block a website from loading in an iframe. You can set the frame-ancestors directive to 'none' in the CSP header to prevent the website from being loaded in an iframe.

For example:

Content-Security-Policy: frame-ancestors 'none'

By setting the X-Frame-Options or Content-Security-Policy header, you can effectively block a website from loading in an iframe on your website.