Can't access WordPress Dashboard in an iframe Can't access WordPress Dashboard in an iframe wordpress wordpress

Can't access WordPress Dashboard in an iframe


wordpress iframe x-frame-options

Here is a better solution that won't break when you update Wordpress:

remove_action( 'login_init', 'send_frame_options_header' );remove_action( 'admin_init', 'send_frame_options_header' );

Here's another solution if you're using Apache. Throw this in your .htaccess:

<IfModule mod_headers.c>    Header unset X-Frame-Options    Header always unset X-Frame-Options</IfModule>

wordpress iframe x-frame-options

According to this, in WordPress Answers, Receiving “This content cannot be displayed in a frame” error on login page, WordPress sends a special header

X-Frame-Options: SAMEORIGIN

that prevents clickjacking. And hence, embedding the admin as an iframe.

It is possible to eliminate this header removing a couple of actions from wp-includes/default-filters.php, but at your own risk.

Someone might register a domain with a very similar name, embed your login as background iframe and log the login credentials when you try to type them in.

Please, read the full Q&A at WPSE.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last