Preventing clickjacking attacks with X-Frame-Options header

.NET Components
MailBee.NET Objects .NET email components: SMTP, POP3, IMAP, EWS, Security, AntiSpam, Outlook, Address Validator, PDF
MailBee.NET Queue Easy-to-use .NET service to deliver e-mails in the background

ActiveX Components
MailBee Objects ActiveX email components: SMTP, POP3, IMAP, S/MIME
MailBee Message Queue Queue-based background sending of emails

Web scripts
WebMail Pro PHP Webmail front-end for your existing mail server, with personal calendar, contacts, and mobile sync
WebMail Pro ASP.NET Webmail front-end for your existing mail server, with calendar sharing and global contacts
ActiveServer Premium addon which brings ActiveSync support to WebMail Pro and Aurora

Solutions
Aurora Corporate Groupware system for businesses and providers
Aurora Files Your personal cloud storage
Triton Transactional and newsletter emails sending solution
MailSuite Pro for Linux Mail server (MTA) bundled with WebMail Pro for a complete solution
Unified Messaging Solution Technology platform which provides telecom users with a feature-rich messaging portal

Starting from version 7.4.1 of Aurora, you can disallow embedding the product interface into IFrame, which can be helpful toward preventing clickjacking attacks. This is done by forcing specific value of X-Frame-Options HTTP header, you can read more on this at this Wikipedia page.

If you wish to disallow embedding Aurora interface into IFrame, add the following item into array defined in data/settings/config.php file:

'labs.x-frame-options' => 'SAMEORIGIN',

Note that even with this setting applied, you will still be able to use the embedding yourself, as long as Aurora and the page containing IFrame are within the same domain.

Aurora documentation

Preventing clickjacking attacks with X-Frame-Options header