How do I disable X-Frame-Options for Apache2 on debian completely? I need to embed iframes from other domains to some of my sites and this is being prevented due to X-Frame-Options (according to Firefox Devtools). "allow-from" is not an option, since it is not supported by Firefox. I already commented it out in all config files within /etc/apache2 but this didn't help I'm on Debian stretch with ISPConfig 3.1.15p1
ISPConfig does not set any X-Frame-Options for websites hosted on your server, you can check this by looking at the vhost files generated by ISPConfig, you will not find any XFame_* headers in there. The only part where X-Frame is set is for the ISPConfig GUI itself on port 8080, but this has no effect on your websites. If these headers ares et, then this is not related to ISPConfig. Most likely the cMS or software that you use in that website sets them or you uploaded a .htaccess file into the website which sets them.
