diff --git a/src/freedombone-app-rss b/src/freedombone-app-rss
index 4639c71b..4e31eb75 100755
--- a/src/freedombone-app-rss
+++ b/src/freedombone-app-rss
@@ -428,7 +428,11 @@ function install_rss_main {
     echo '    deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
@@ -482,7 +486,11 @@ function install_rss_main {
     echo '    deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME