How to secure your Website from Clickjacking?

Product Engineering
August 03, 2017
Posted by: Kellton
The recent ransomware attack has raised discussions around “click-jacking.” Clickjacking, also known as a UI redress attack, tricks users into making fraudulent purchases. Hackers steal confidential information such as credit card details and use it without the user’s knowledge. Such cyber-attacks are difficult to track because the victim is led to interact with a fictitious webpage created by the hacker.

What is it?

A clickjack is embedded code or script that executes when a user clicks a button that does something other than what it appears to do. For example, a user receives an email containing a link to a video of some news item. When they click the link and go to the page, they are not aware that a hidden page, which might be a product page on Amazon.com, is placed on top of or below the ‘Play’ icon on the video. When the user plays the news video, they are actually purchasing the linked product. With a single click, the hacker is able to acquire complete information of the user from Amazon.com.

Other common examples include:

  • Tricking users into enabling their webcam/microphone through Flash Player
  • Making users follow someone on Twitter and Facebook
  • Making users like/share Facebook links
  • Generating PPC revenue through clicks on Google AdSense ads
  • Making users download and run malware that gives access to remote hackers

How to Secure your Application?

Follow these steps to test whether your application can be clickjacked:

#1: Download clickjacking-test.html

#2: The screen below will appear:

[Screenshot: ClickJacking Load]

#3: Enter the URL of your application in the ‘URL’ text field.

For example, https://www.hoganlovells.com/

Click ‘Load’. If the following output appears on your screen, your application is not secured against clickjacking.

[Screenshot: Hogan]

#4: However, if the screen below appears after entering your application’s URL, it means your application is secure.

[Screenshot: Parent Frame]

How to Handle Clickjacking Vulnerabilities in your Application?

You need to add the following script in the head section of your webpage in order to ensure that your application is secure from clickjacking.

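<style id="antiClickjack">body{display:none !important;}</style>
<script type="text/javascript">
  // The style above hides the page body by default.
  if (self === top) {
    // Not framed: remove the hiding style so the page renders normally.
    var antiClickjack = document.getElementById("antiClickjack");
    antiClickjack.parentNode.removeChild(antiClickjack);
  } else {
    // Framed: point the top-level window at this page to break out of the frame.
    top.location = self.location;
  }
</script>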

What Else can you do to Protect your Application?

When securing your application, consider these points:

  • Check the URL of the page you land on when you click a link. For example, if you want to purchase music from the iTunes site, the URL will read store.itunes.com. However, if the web page is clickjacked, the URL will look similar, with a minute difference that is visible only when you scrutinize it.
  • An extreme measure is to use only a text-based web browser, because it allows only textual input. This will not be beneficial, as text-based browsers hamper the user experience.
  • Adopt other server-side protection measures.
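
One server-side measure of the kind the last point refers to is to send framing-control response headers (X-Frame-Options and the Content-Security-Policy frame-ancestors directive), which the browser enforces even if the in-page script never runs. The following is an added example, not code from the original post: it builds those headers and classifies a response's headers the way the iframe test above would judge the page. The function names are hypothetical and the sample responses are constructed.

```javascript
// Added example; function names are hypothetical, header names are standard.
const RANK = { unprotected: 0, restricted: 1, deny: 2 };

// Headers for every HTML response. `allowed` lists extra origins that may
// frame the page; with none given, only same-origin framing is permitted.
function antiFramingHeaders(allowed = []) {
  return {
    'Content-Security-Policy': `frame-ancestors ${["'self'", ...allowed].join(' ')}`,
    // Fallback for browsers without frame-ancestors; stricter, never looser.
    'X-Frame-Options': 'SAMEORIGIN',
  };
}

// Strictest frame-ancestors verdict across comma-joined policies, or null.
function cspFraming(csp) {
  let best = null;
  for (const policy of csp.split(',')) {
    const fa = policy.split(';').map(d => d.trim().split(/\s+/))
      .find(([name]) => name.toLowerCase() === 'frame-ancestors');
    if (!fa) continue;
    const src = fa.slice(1).map(s => s.toLowerCase());
    const verdict = src.length === 0 || src.every(s => s === "'none'") ? 'deny'
      : src.some(s => ['*', 'http:', 'https:'].includes(s)) ? 'unprotected'
      : 'restricted';
    if (best === null || RANK[verdict] > RANK[best]) best = verdict;
  }
  return best;
}

// Classify how a response may be framed, judging by its headers alone.
function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  // An enforced frame-ancestors directive makes browsers ignore X-Frame-Options.
  const fromCsp = cspFraming(h['content-security-policy'] || '');
  if (fromCsp !== null) return fromCsp;
  const xfo = new Set((h['x-frame-options'] || '').split(',')
    .map(s => s.trim().toLowerCase()).filter(Boolean));
  if (xfo.has('deny')) return 'deny';
  // Conflicting values alongside a valid one are treated as a block.
  if (xfo.has('sameorigin')) return xfo.size > 1 ? 'deny' : 'restricted';
  return 'unprotected'; // ALLOW-FROM and unknown values are not enforced
}

// Constructed sample responses: one with no framing policy, one hardened.
console.log(framingPolicy({ 'Content-Type': 'text/html' }));
console.log(framingPolicy(antiFramingHeaders()));
```

A result of 'unprotected' corresponds to the page loading inside the test frame; 'deny' and 'restricted' mean the browser refuses to render it in a frame on an untrusted site.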
