diff --git a/app/entry.server.tsx b/app/entry.server.tsx
index 489b8ff..b75df7b 100644
--- a/app/entry.server.tsx
+++ b/app/entry.server.tsx
@@ -15,5 +15,15 @@ export default async function handleRequest(
     routerContext,
     loadContext,
   );
+
+  response.headers.set(
+    "Strict-Transport-Security",
+    "max-age=63072000; includeSubDomains; preload",
+  );
+  response.headers.set("Referrer-Policy", "strict-origin-when-cross-origin");
+  response.headers.set("X-Content-Type-Options", "nosniff");
+  response.headers.set("X-Frame-Options", "DENY");
+  response.headers.set("X-Permitted-Cross-Domain-Policies", "none");
+
   return response;
 }