{"id":3785,"date":"2011-09-16T22:11:45","date_gmt":"2011-09-16T12:11:45","guid":{"rendered":"http:\/\/michaelwyres.com\/?p=3785"},"modified":"2011-09-16T22:11:45","modified_gmt":"2011-09-16T12:11:45","slug":"wordpress-frames-hack","status":"publish","type":"post","link":"https:\/\/michaelwyres.com.au\/mwdc\/2011\/09\/wordpress-frames-hack\/","title":{"rendered":"WordPress Frames Hack"},"content":{"rendered":"<p>For security reasons, by default, in the later versions of <a target=\"_blank\" href=\"http:\/\/www.wordpress.org\/\">WordPress<\/a> &#8211; (not sure which version this started with) &#8211; you cannot load a WordPress site within a frameset of another page.<\/p>\n<p>This prevents people with malicious intent, from hi-jacking your site inside a frame within their own site, and possibly stealing information from within your installation.  A most sensible precaution.<\/p>\n<p>However, there are times where you may in fact want to do this yourself.<\/p>\n<p>If you must do it &#8211; and please, only do it if you really know what you are doing, because you may open up a security hole in your site &#8211; it is as simple as changing a single line of code.<\/p>\n<p>Inside the &#8220;wp-includes&#8221; folder within your WordPress installation, edit the &#8220;default-filters.php&#8221; file, and remove &#8211; (or comment out) &#8211; the following line:<br \/>\n<code><br \/>\nadd_action( 'login_init',          'send_frame_options_header',     10, 0 );<br \/>\n<\/code><\/p>\n<p>This line should be at or around line 225.<\/p>\n<p>That&#8217;s it.  Done.<\/p>\n<p>Your WordPress installation should now load inside a frame.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For security reasons, by default, in the later versions of WordPress &#8211; (not sure which version this started with) &#8211; you cannot load a WordPress site within a frameset of another page. This prevents people with malicious intent, from hi-jacking your site inside a frame within their own site, and possibly stealing information from within [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[238,592],"class_list":["post-3785","post","type-post","status-publish","format-standard","hentry","category-technology","tag-frameshack","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/posts\/3785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/comments?post=3785"}],"version-history":[{"count":0,"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/posts\/3785\/revisions"}],"wp:attachment":[{"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/media?parent=3785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/categories?post=3785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michaelwyres.com.au\/mwdc\/wp-json\/wp\/v2\/tags?post=3785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}