diff --git a/netlify.toml b/netlify.toml
index f34dd56a..4ec3e12c 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -59,4 +59,14 @@ for = "/.well-known/traffic-advice"
 [[headers]]
 for = "/contribute.json"
 [headers.values]
- Content-Type = "application/json"
\ No newline at end of file
+ Content-Type = "application/json"
+
+[[headers]]
+ for = "/*"
+ [headers.values]
+ Content-Security-Policy = "upgrade-insecure-requests; block-all-mixed-content;"
+ X-Content-Type-Options = "nosniff"
+ X-Frame-Options = "DENY"
+ X-XSS-Protection = "1; mode=block"
+ Referrer-Policy = "strict-origin-when-cross-origin"
+ Permissions-Policy = "autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=()"
\ No newline at end of file
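Review bot: The `X-XSS-Protection = "1; mode=block"` line in the new `/*` block turns on a legacy browser filter that current browsers have removed and that caused cross-site information leaks in the browsers that still honour it; current guidance is to send `X-XSS-Protection = "0"` or omit the header. The `Content-Security-Policy` value has no `default-src` or `script-src`, so it does nothing against script injection, and `block-all-mixed-content` is deprecated and has no effect next to `upgrade-insecure-requests`. I would reduce it to `Content-Security-Policy = "upgrade-insecure-requests; frame-ancestors 'none'"` for now, which also gives the standards-track equivalent of `X-Frame-Options = "DENY"`, and add a source allow-list in a follow-up once the site's script and style origins are inventoried. The file still ends without a trailing newline after the `Permissions-Policy` line.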