need to get rid of X-Frame Options and use : Content-Security-Policy. The only place I find X-Frame-Options it is already commented out. (vi /etc/apache2/conf-available/security.conf) I have no httpd.conf, created a .htaccess file using the Header set language. Looking at headers from my form I still get the X-Frame-Option in my headers.
PHP Version 7.2