I am using a new domain for my WordPress directory in different server. When I click the meta links such “Login” or “register”, I get this page:
This content cannot be displayed in a frame
To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame.
What you can try:
Open this content in a new window
How can I fix this?
Since version 3.4 (or earlier?) WordPress sends a special HTTP header (not in HTML) on login and admin pages:
So your browser will show you some text built into the browser, not sent from WordPress.
From
wp-includes/default-filters.php
:You could create a plugin and disable these headers:
But then your login can be used for clickjacking. Someone might register a domain with a very similar name, embed your login as background iframe and log the login credentials when you try to type them in.
Thatâs not fictional. It actually happened, thatâs why WordPress implemented this.
Drop the
iframe
. Try to find a better solution.