diff --git a/data/db.mv.db b/data/db.mv.db
index bd8aacf..2fc3b4d 100644
Binary files a/data/db.mv.db and b/data/db.mv.db differ
diff --git a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
index 8376327..ea8dc5d 100644
--- a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
+++ b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
@@ -40,14 +40,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.csrf()
-                .disable();
+        http.csrf().disable();
+        http.headers().frameOptions().disable();
         log.debug("Security enabled");
         http.authorizeRequests()
                 .antMatchers("/").permitAll()
-                .antMatchers("/login").permitAll()
-                .antMatchers("/index").permitAll()
-                .antMatchers("/news/*").permitAll()
+                .antMatchers("/login", "/index", "/news/*", "/h2-console/*", "/h2-console").permitAll()
                 .antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
                 .anyRequest().authenticated()
                 .and()