diff --git a/frontend/public/_headers b/frontend/public/_headers
new file mode 100644
index 00000000..a03347c4
--- /dev/null
+++ b/frontend/public/_headers
@@ -0,0 +1,6 @@
+/*
+ X-Frame-Options: DENY
+ X-Content-Type-Options: nosniff
+ Referrer-Policy: strict-origin-when-cross-origin
+ Permissions-Policy: camera=(), microphone=(), geolocation=()
+ Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https://api.hiro.so https://api.mainnet.hiro.so https://api.testnet.hiro.so https://api.coingecko.com https://stacks-node-api.mainnet.stacks.co; frame-ancestors 'none'; base-uri 'self'; form-action 'self'
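Review bot: The `img-src 'self' data: https:` list in the Content-Security-Policy line permits image loads from any HTTPS origin, so an injected `<img>` could still send data to an arbitrary host; if the app only displays images from known hosts, name those hosts instead of the bare `https:` scheme. `style-src 'self' 'unsafe-inline'` similarly allows injected inline styles, so it should either be dropped (if the build emits no inline styles) or carry a `#` comment line above the rule saying which dependency needs it. Plugin content currently falls back to `default-src 'self'`; adding `object-src 'none'` to the policy closes that explicitly. No `Strict-Transport-Security` header is set in this file; the hosting platform may add it, but that should be confirmed rather than assumed.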