diff --git a/nextcloud/rootfs/nginx/sites-enabled/nginx.conf b/nextcloud/rootfs/nginx/sites-enabled/nginx.conf
index 8620e93..7331a00 100644
--- a/nextcloud/rootfs/nginx/sites-enabled/nginx.conf
+++ b/nextcloud/rootfs/nginx/sites-enabled/nginx.conf
@@ -8,6 +8,7 @@ server {
         add_header Referrer-Policy "no-referrer" always;
         add_header X-Content-Type-Options "nosniff" always;
         add_header X-Download-Options "noopen" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
         add_header X-Permitted-Cross-Domain-Policies "none" always;
         add_header X-Robots-Tag "none" always;
         add_header X-XSS-Protection "1; mode=block" always;
@@ -69,6 +70,7 @@ server {
             add_header Referrer-Policy "no-referrer" always;
             add_header X-Content-Type-Options "nosniff" always;
             add_header X-Download-Options "noopen" always;
+            add_header X-Frame-Options "SAMEORIGIN" always;
             add_header X-Permitted-Cross-Domain-Policies "none" always;
             add_header X-Robots-Tag "none" always;
             add_header X-XSS-Protection "1; mode=block" always;