diff --git a/apps/web/nginx.conf b/apps/web/nginx.conf
index 84b0e5f..7a7f279 100644
--- a/apps/web/nginx.conf
+++ b/apps/web/nginx.conf
@@ -6,6 +6,9 @@ server {
     root   /usr/share/nginx/html;
     index  index.html index.htm;
     try_files $uri $uri/ /index.html;
+    
+    add_header Content-Security-Policy "upgrade-insecure-requests";
+    add_header Permissions-Policy "geolocation=(), microphone=()";
   }
 
   location /api {
@@ -13,6 +16,7 @@ server {
     proxy_http_version 1.1;
     proxy_set_header Upgrade $http_upgrade;
     proxy_set_header Connection "Upgrade";
+    proxy_set_header Permissions-Policy "geolocation=(), microphone=()";
   }
 
   error_page   500 502 503 504  /50x.html;