Protection against Clickjacking

Clickjacking (also known as a "UI redress attack") is a malicious technique intended to trick a user into clicking something different to what they think they are clicking.

Plesk users can be vulnerable to this type of attack when Plesk is opened within frames (separate areas of web pages) on other (malicious) websites.

To protect Plesk from clickjacking, add the following lines to the panel.ini file:

[security]
sameOriginOnly = true

The sameOriginOnly setting allows you to prevent Plesk pages from opening within frames on other domains.

Note: By default, this setting is switched off (has the value false) because enabling it can break Plesk integration with other systems that open Plesk in their own frames.
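
One way to confirm the setting is actually in effect after editing panel.ini, as an added example (not Plesk's own tooling): the script below reports whether sameOriginOnly is enabled inside the [security] section and catches the common mistakes of leaving the line commented out or placing it under another section. The function name, the sample text, and the acceptance of on/yes/1 as true values are assumptions; pass the path to your panel.ini as the first argument.

```python
import sys

# Assumption: PHP-style ini booleans; the page itself only uses true/false.
TRUTHY = {"true", "on", "yes", "1"}

# Constructed sample: key under the wrong section, and commented out in [security].
SAMPLE = """\
[example]
sameOriginOnly = true
[security]
;sameOriginOnly = true
"""

def audit_same_origin(ini_text):
    """Return (status, detail); status is enabled, disabled, misplaced or missing."""
    section = None
    value = None      # last value seen inside [security]
    misplaced = []    # other sections where the key was found
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue  # blank or comment: a commented-out key has no effect
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            continue
        key, sep, val = line.partition("=")
        # Names are matched exactly as the page spells them.
        if not sep or key.strip() != "sameOriginOnly":
            continue
        if section == "security":
            # Drop a trailing inline comment and surrounding quotes.
            value = val.split(";", 1)[0].strip().strip("\"'").lower()
        else:
            misplaced.append(section or "(no section)")
    if value is not None:
        status = "enabled" if value in TRUTHY else "disabled"
        return status, "[security] sameOriginOnly = " + value
    if misplaced:
        return "misplaced", "key found outside [security]: " + ", ".join(misplaced)
    return "missing", "sameOriginOnly not set; default is false"

if __name__ == "__main__":
    # With no argument, the constructed sample is audited instead of a real file.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    status, detail = audit_same_origin(text)
    print(status + ": " + detail)
    sys.exit(0 if status == "enabled" else 1)
```

The script exits non-zero unless the status is enabled, so it can be used as a check in configuration audits.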

 
