Start Free

Allow Your Website to Display in MultiMoxx

To show your website inside device mockups, your site needs to allow embedding. Some websites block this by default for security reasons, but this can be adjusted with a few simple changes.

This guide walks you through how to allow your site to display properly in MultiMoxx.

Why This Is Needed

Modern websites often block being displayed inside other websites using security headers. The most common ones are:

  • X-Frame-Options
  • Content-Security-Policy (CSP)

If these are enabled, your site may appear blank or fail to load inside MultiMoxx.

What You Need to Do

To allow your website to display, you’ll need to:

  1. Remove or disable X-Frame-Options
  2. Update your Content Security Policy (CSP) to allow embedding

Option 1: Quick Fix (Recommended)

Allow embedding only on MultiMoxx (secure and recommended):

Content-Security-Policy:
frame-ancestors 'self' https://multimoxx.com;

This allows your website to be embedded on MultiMoxx while keeping protection elsewhere.

Option 2: Allow Embedding Anywhere

If you want your site to work everywhere:

Content-Security-Policy:
frame-ancestors *;

Note: This is less secure and not recommended for sensitive sites.

Remove X-Frame-Options

This header must be removed completely.

How to Make These Changes

If You Use Cloudflare (Easiest Method)

  1. Log into Cloudflare
  2. Go to Rules → Transform Rules
  3. Click “Modify Response Header”
  4. Add the following rules:

Rule 1:

  • Header: X-Frame-Options
  • Action: Remove

Rule 2:

  • Header: Content-Security-Policy
  • Action: Set
  • Value: frame-ancestors ‘self’ https://multimoxx.com;

Save and deploy.

If You Use WordPress

Check the following:

  • Security plugins (Wordfence, iThemes, etc.)
  • Caching plugins (LiteSpeed, WP Rocket, etc.)
  • Your theme or hosting panel

Look for settings related to:

  • Clickjacking protection
  • Security headers

Disable or modify them accordingly.

If You Have Access to .htaccess (Apache)

Header always unset X-Frame-Options
Header set Content-Security-Policy "frame-ancestors 'self' https://multimoxx.com"

If You Use Nginx

add_header Content-Security-Policy "frame-ancestors 'self' https://multimoxx.com";
proxy_hide_header X-Frame-Options;

After You Make Changes

  • Clear your cache (Cloudflare and website cache)
  • Reload MultiMoxx
  • Your site should now display correctly

Troubleshooting

  • Your hosting provider may be adding headers automatically
  • A plugin may still be overriding your settings
  • Try temporarily disabling security plugins

Important Notes

  • These changes only work for websites you control
  • Some third-party websites cannot be embedded
  • This does not affect your SEO or normal site visitors

Need Help?

If you’re unsure how to make these changes, send this page to your developer or hosting provider and ask them to:

“Allow embedding on MultiMoxx by removing X-Frame-Options and setting frame-ancestors in the Content Security Policy.”

Once enabled, you’ll be able to create full, scrollable mockups of your website inside MultiMoxx.