Clickjacking is a malicious technique where a user is tricked into clicking unintentionally on a disguised site element, thus probably routing the user to another unexpected page or causing an unforeseen event. In order to avoid clickjacking on the Kerio Control web interface, the remote management of it should be disabled.
- Add your Kerio Control device to MyKerio to manage it using MyKerio.
- Login to Kerio Control web interface as Administrator.
- Go to Configuration > Traffic Rules.
- Disable the Traffic Rule that allows Kerio Control administration from any source. This Rule is created by default:
- Click on Apply.