I’m running a ghost site on DigitalOcean and need to update the X-Frame-Options that seemed automatically added. I run this command to browse through all files:
grep -ri "X-Frame-Options" /etc/nginx
and it turned out that the header was set only in ssl-params.conf. I tried to disable this by adding comment but no change reflected on the front-end. Is there other option to disable this header on my ghost site? I checked config.production.json also but couldn’t find the option.