Jump to content

Preventing Clickjacking and Writing Code to Prevent Clickjacking

Go to solution Solved by paul2009,

Recommended Posts

Site URL: http://thecoalyardcafe

We are a small cafe that uses TSYS to accept credit card payments from customers and our web page was created through Squarespace.  Every quarter, we are subjected to TSYS PCI compliance to ensure that our credit card system is secure.  For the very first time, we did not pass compliance this quarter because our website is vulnerable to "clickjacking."  I am not a web designer or programmer so I do not know how to go about fixing this problem.  I read several online blogs and watched a number of Youtube videos and if I understand correctly, I need to write some code that says, "X-Frame-Options-Deny" or "X-Frame-Options-Sameorigin" for each of the links I have in our webpage (history, drinks, entrees, and anywhere else you can link on the webpage).  What are the steps to write code in a Squarespace webpage/domain?  Is anyone familiar with "clickjacking" and can help us resolve this problem?  We would greatly appreciate it.  Thanks!   

Link to comment
  • Solution
1 hour ago, maryt6886 said:

We are a small cafe that uses TSYS to accept credit card payments from customers and our web page was created through Squarespace. For the very first time, we did not pass compliance this quarter because our website is vulnerable to "clickjacking."

I don't fully understand your question because Squarespace websites do not require independent PCI compliance testing and their sites do not use TSYS for payment processing.

Can you explain a little more? Are you taking orders via the website?

Regarding clickjack protection, this can be enabled in Settings > AdvancedWebsite Protection. This setting protects your site and visitors from UI redress attacks (also known as clickjacking), which are attempts to trick visitors into clicking a link that takes action on another, hidden site.

Improve your online store with our extensions.
About: Squarespace Circle Leader since 2017. I value honesty, transparency, appreciation and great design ♥.
Work: Squarespace Developer and founder of SF Digital, building the features Squarespace didn't include™.
Content: Links in my posts may refer to SF Digital products or may be affiliate links.

Buy me a coffee

Link to comment
  • 4 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

×
×
  • Create New...

Squarespace Webinars

Free online sessions where you’ll learn the basics and refine your Squarespace skills.

Hire a Designer

Stand out online with the help of an experienced designer or developer.