For modern browser, need to enable X-Frame-Options in Header,
The x-frame-options header can be implement through web server configuration settings.
You can view the X-Frame-Options in Header as like below image,
Reference: https://www.keycdn.com/blog/x-frame-options/
If your browser does not support it, then you will have NO clickjacking defense in place and can use HTTP Header Field X-Frame-Options,
<meta http-equiv="X-Frame-Options" content="deny">
There are three possible values for X-Frame-Options:
DENY –
The page cannot be displayed in a frame, regardless of the site attempting to do so.
SAMEORIGIN –
The page can only be displayed in a frame on the same origin as the page itself.
ALLOW-FROM uri –
The page can only be displayed in a frame on the specified origin.