diff --git a/.htaccess b/.htaccess
index f1ec9a858..99425bf93 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,5 +1,10 @@
 Options -Indexes
 
+<IfModule mod_headers.c>
+Header set Strict-Transport-Security: "max-age=15768000; includeSubDomains; preload"
+Header set X-Content-Type-Options: "nosniff"
+</IfModule>
+
 RewriteEngine On
 RewriteRule ^favicon.ico$ styles/bootstrap/favicon.ico [L]