diff --git a/conf/nginx/plain/yunohost_sso.conf.inc b/conf/nginx/plain/yunohost_sso.conf.inc
index 984440679..578a75e52 100644
--- a/conf/nginx/plain/yunohost_sso.conf.inc
+++ b/conf/nginx/plain/yunohost_sso.conf.inc
@@ -2,6 +2,16 @@
 rewrite ^/yunohost/sso$ /yunohost/sso/ permanent;
 
 location /yunohost/sso/ {
-    alias /usr/share/ssowat/portal/;
+    alias /usr/share/yunohost/portal/;
+    default_type text/html;
     index index.html;
+    try_files $uri $uri/ /index.html;
+
+    location = /yunohost/sso/index.html {
+        etag off;
+        expires off;
+        more_set_headers "Cache-Control: no-store, no-cache, must-revalidate";
+    }
+
+    more_set_headers "Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'none'; img-src 'self' data:;";
 }