diff --git a/data/templates/nginx/yunohost_admin.conf b/data/templates/nginx/yunohost_admin.conf
index 63d466ecd..3df838c4a 100644
--- a/data/templates/nginx/yunohost_admin.conf
+++ b/data/templates/nginx/yunohost_admin.conf
@@ -20,6 +20,10 @@ server {
     ssl_certificate /etc/yunohost/certs/yunohost.org/crt.pem;
     ssl_certificate_key /etc/yunohost/certs/yunohost.org/key.pem;
 
+    more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
+    more_set_headers "Referrer-Policy : 'same-origin'";
+    more_set_headers "Content-Security-Policy : upgrade-insecure-requests; object-src 'none'; script-src https: 'unsafe-eval'";
+
     location / {
         return 302 https://$http_host/yunohost/admin;
     }