diff --git a/lhc_web/lib/core/lhcore/lhmodule.php b/lhc_web/lib/core/lhcore/lhmodule.php
index b4e2dedd41..6b5c3616ac 100644
--- a/lhc_web/lib/core/lhcore/lhmodule.php
+++ b/lhc_web/lib/core/lhcore/lhmodule.php
@@ -83,7 +83,13 @@ static function runModule()
 }
 try {
-
+
+ // Send X-Frame-Options if URL is private
+ // Or it's site_admin based one
+ if (isset($currentUser) || erLhcoreClassSystem::instance()->SiteAccess == 'site_admin') {
+ header('X-Frame-Options: DENY');
+ }
+
 if (isset($currentUser) && $currentUser->isLogged() && ($timeZone = $currentUser->getUserTimeZone()) != '') {
 self::$defaultTimeZone = $timeZone;
 date_default_timezone_set(self::$defaultTimeZone);
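Review bot: The added guard in `runModule()` treats `isset($currentUser)` as the signal for a private URL, but that variable is assigned earlier in the function, outside this hunk, so the anti-framing header is only as complete as that assignment. Please confirm that every authenticated view sets `$currentUser` and that no early return or redirect before the `try` skips the header. `X-Frame-Options` is the legacy control, so I would pair it with the CSP equivalent by adding `header("Content-Security-Policy: frame-ancestors 'none'");` after `header('X-Frame-Options: DENY');`, or by adding that directive to an existing policy if the application already sends one elsewhere. Assuming `SiteAccess` is always a string, the test also reads more safely as a strict comparison: `erLhcoreClassSystem::instance()->SiteAccess === 'site_admin'`.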