diff --git a/in/personal/server/index.rst b/in/personal/server/index.rst
index 3b0e2f7..c694798 100644
--- a/in/personal/server/index.rst
+++ b/in/personal/server/index.rst
@@ -388,7 +388,8 @@ Security
 
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
- add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload";
+ add_header Content-Security-Policy "default-src 'self'";
+ add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload" always;
 
 Sites
 ^^^^^