Jump to content

Preventing Clickjacking and Writing Code to Prevent Clickjacking

Go to solution Solved by paul2009,

Recommended Posts

Posted

Site URL: http://thecoalyardcafe

We are a small cafe that uses TSYS to accept credit card payments from customers and our web page was created through Squarespace.  Every quarter, we are subjected to TSYS PCI compliance to ensure that our credit card system is secure.  For the very first time, we did not pass compliance this quarter because our website is vulnerable to "clickjacking."  I am not a web designer or programmer so I do not know how to go about fixing this problem.  I read several online blogs and watched a number of Youtube videos and if I understand correctly, I need to write some code that says, "X-Frame-Options-Deny" or "X-Frame-Options-Sameorigin" for each of the links I have in our webpage (history, drinks, entrees, and anywhere else you can link on the webpage).  What are the steps to write code in a Squarespace webpage/domain?  Is anyone familiar with "clickjacking" and can help us resolve this problem?  We would greatly appreciate it.  Thanks!   

  • Solution
Posted
1 hour ago, maryt6886 said:

We are a small cafe that uses TSYS to accept credit card payments from customers and our web page was created through Squarespace. For the very first time, we did not pass compliance this quarter because our website is vulnerable to "clickjacking."

I don't fully understand your question because Squarespace websites do not require independent PCI compliance testing and their sites do not use TSYS for payment processing.

Can you explain a little more? Are you taking orders via the website?

Regarding clickjack protection, this can be enabled in Settings > AdvancedWebsite Protection. This setting protects your site and visitors from UI redress attacks (also known as clickjacking), which are attempts to trick visitors into clicking a link that takes action on another, hidden site.

Me: I'm Paul, a SQSP user for >18 yrs & Circle Leader since 2017. I value honesty, transparency, diversity and good design ♥.
Work: Founder of SF.DIGITAL. We provide high quality original extensions to supercharge your Squarespace website. 
Content: Views and opinions are my own. Links in my posts may refer to my own SF.DIGITAL products or may be affiliate links.
Forum advice is completely free. You can thank me by selecting a feedback emoji. Buying a coffee is generous but optional.

  • 4 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

×
×
  • Create New...

Squarespace Webinars

Free online sessions where you’ll learn the basics and refine your Squarespace skills.

Hire a Designer

Stand out online with the help of an experienced designer or developer.