By default, websites protected by our web application firewall cannot be loaded within iFrames on another domain.
The web application firewall will include the X-Frame-Options response header in its responses with a setting of SAMEORIGIN.
This means that, while you can load content from you site within an iFrame on another page on the same domain, you cannot load content from your site within an iFrame on another domain.
If you need to be able to load content from your WordPress website within an iFrame on another domain, we can modify the firewall settings for your domain to allow this.
You can learn more about the X-Frame-Options here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options