diff --git a/nginx-default.conf b/nginx-default.conf
index 4e8e411..793960b 100644
--- a/nginx-default.conf
+++ b/nginx-default.conf
@@ -25,6 +25,9 @@ server {
 
     add_header X-UA-Compatible "IE=Edge,chrome=1";
 
+    # https://www.justegeek.fr/proteger-un-peu-plus-son-site-avec-la-balise-x-content-type-options/
+    add_header X-Content-Type-Options "nosniff";
+
     #Caching (save html pages for 7 days, rest as long as possible, no caching on frontpage)
     expires $expires;