diff --git a/src/middleware/security.ts b/src/middleware/security.ts
index 63bb248..3810492 100644
--- a/src/middleware/security.ts
+++ b/src/middleware/security.ts
@@ -8,8 +8,13 @@ export async function securityHeaders(
   reply.header('X-Content-Type-Options', 'nosniff');
   reply.header('X-Frame-Options', 'DENY');
   reply.header('Referrer-Policy', 'strict-origin-when-cross-origin');
+  reply.header('Permissions-Policy', 'camera=(), microphone=(), geolocation=()');
   if (config.isProduction) {
     reply.header('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');
+    reply.header(
+      'Content-Security-Policy',
+      "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'",
+    );
   }
 }
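Review bot: The Content-Security-Policy is added inside the `config.isProduction` branch, so it is never enforced in development or staging and anything it blocks will first show up as breakage after a production deploy; unlike HSTS there is no reason to reserve a CSP for production, so either set it unconditionally or send `Content-Security-Policy-Report-Only` with the same value when `config.isProduction` is false. The policy also leaves out directives that do not fall back to `default-src`: `frame-ancestors 'none'` (the CSP counterpart of the `X-Frame-Options: DENY` set above, which CSP-aware browsers prefer), `base-uri 'self'` and an explicit `object-src 'none'`, e.g. `"...; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'"`. `style-src 'unsafe-inline'` weakens the policy against style-based injection, so a comment naming what currently depends on it (`// 'unsafe-inline' for styles: required by <X>; drop once styles use nonces or files`) would keep it from becoming permanent. The enclosing `securityHeaders` function begins before the hunk.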