diff --git a/SciPost_v1/settings/base.py b/SciPost_v1/settings/base.py
index f8af2627d675ff7193d09d6e61096b82c4d327e8..85bb2f767f323bfe626f7aa5563a64c0be21daee 100644
--- a/SciPost_v1/settings/base.py
+++ b/SciPost_v1/settings/base.py
@@ -191,6 +191,7 @@ SECURE_BROWSER_XSS_FILTER = True
 SECURE_HSTS_SECONDS = 60
 SECURE_HSTS_INCLUDE_SUBDOMAINS = True
 SECURE_HSTS_PRELOAD = True
+SECURE_CONTENT_TYPE_NOSNIFF = True
 
 ROOT_URLCONF = 'SciPost_v1.urls'