From ba4c977550dc75c71351e1ea5ecac2e618d590fa Mon Sep 17 00:00:00 2001 From: Marco Romanelli <41620979+mromanelli9@users.noreply.github.com> Date: Thu, 11 Mar 2021 11:49:46 +0100 Subject: [PATCH 1/2] remove old anchor --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index e6a0f74..427d6c2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ Fooling automated tools/scanners : * [Misc](#misc-2) - [Include custom configurations](#include-custom-configurations) - [Cache data](#cache-data) -- [Create your own image](#create-your-own-image) # Live demo You can find a live demo at https://demo-nginx.bunkerity.com. From 6e93575e16befa1a8dec30618a8db03b51a8db21 Mon Sep 17 00:00:00 2001 From: Marco Romanelli <41620979+mromanelli9@users.noreply.github.com> Date: Thu, 11 Mar 2021 14:41:23 +0100 Subject: [PATCH 2/2] remove ALLOWALL from X_FRAME_OPTIONS options --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 427d6c2..9be4b75 100644 --- a/README.md +++ b/README.md @@ -836,7 +836,7 @@ You can customize the CRS (i.e. : add WordPress exclusions) by adding custom .co ## Security headers `X_FRAME_OPTIONS` -Values : *DENY* | *SAMEORIGIN* | *ALLOW-FROM https://www.website.net* | *ALLOWALL* +Values : *DENY* | *SAMEORIGIN* | *ALLOW-FROM https://www.website.net* Default value : *DENY* Context : *global*, *multisite* Policy to be used when the site is displayed through iframe. Can be used to mitigate clickjacking attacks.
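Review bot: In the table-of-contents hunk of patch 1/2 (README.md, around line 72), the subject "remove old anchor" does not say why the `[Create your own image](#create-your-own-image)` entry is stale. The diffstat shows a single deletion, so this commit does not remove any matching heading. Please confirm the `#create-your-own-image` section is already gone from README.md and say so in the commit message. If the heading still exists, this deletion only makes it unreachable from the index and the entry should stay.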
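Review bot: In the `X_FRAME_OPTIONS` hunk of patch 2/2 (README.md, around line 836), the Values line still advertises `ALLOW-FROM https://www.website.net` with no caveat, and the commit message gives no reason for dropping `ALLOWALL`. `ALLOWALL` is not one of the values defined for X-Frame-Options in RFC 7034, which is worth stating in the message. `ALLOW-FROM` is obsolete and ignored by current browsers, so a site configured with it gets no framing restriction from this header there. Suggest adding a sentence under "Policy to be used when the site is displayed through iframe" noting that, and pointing readers to a Content-Security-Policy `frame-ancestors` directive for per-origin allow-listing. Since only README.md changes, please also check that the code reading `X_FRAME_OPTIONS` does not still accept or document `ALLOWALL` elsewhere, so the docs and behaviour agree.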