How to add security headers in response

We would like to add security-related headers as part of hardening the website. Please let us know how to add security headers in response?

Security Headers is a Webflow Enterprise feature.

Thanks for sharing this information. It is very helpful for my juicewrld beanies site.

It is possible to add X-Frame-Options header as part of CMS plan

But looks like for adding other custom headers, we need an enterprise plan

BTW , this is how i added X-Frame-Options header

  1. Login to webflow > Dashboard > site settings
  2. Click on Publish > Advanced Options > Check Use secure frame headers
  3. This setting will add X-Frame-Options: SAMEORIGIN to all the pages

Adding security headers is considered a best practice, this should be available for all plans, not just Enterprise.

1 Like

More than best practice, it’s our fiduciary responsibility to do what we can to protect our website users.

Security headers aren’t like SSO. They’re a fundamental layer of Internet security.

Webflow are straight up supporting cybercrime by restricting security headers to the Enterprise plan.