diff --git a/SciPost_v1/settings/base.py b/SciPost_v1/settings/base.py
index d52b4b3df0c0c6916b708af8ac2add807c37974e..1b9694965b894a70927ece2ab7b98e2dcde4594b 100644
--- a/SciPost_v1/settings/base.py
+++ b/SciPost_v1/settings/base.py
@@ -187,6 +187,8 @@ MIDDLEWARE = (
     'maintenancemode.middleware.MaintenanceModeMiddleware',
 )
 
+SECURE_BROWSER_XSS_FILTER = True
+
 ROOT_URLCONF = 'SciPost_v1.urls'
 
 TEMPLATES = [
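Review bot: `SECURE_BROWSER_XSS_FILTER = True` only has an effect when `django.middleware.security.SecurityMiddleware` is listed in `MIDDLEWARE`. Only the last entry of that tuple is visible in this hunk, so please confirm the middleware is present. The setting makes Django send `X-XSS-Protection: 1; mode=block`, a legacy browser heuristic that current browsers largely ignore and that newer Django releases have, as far as I know, dropped. It should not be counted as an XSS control in place of template auto-escaping and a Content-Security-Policy. I would add a comment above the line so the next reader does not over-trust it, e.g. `# Legacy X-XSS-Protection header via SecurityMiddleware; defence in depth only, not a substitute for output escaping or CSP`.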