diff --git a/web/wp-content/mu-plugins/wp-mu-plugins/lf-mu/public/class-lf-mu-public.php b/web/wp-content/mu-plugins/wp-mu-plugins/lf-mu/public/class-lf-mu-public.php
index 55f89175..539e8753 100644
--- a/web/wp-content/mu-plugins/wp-mu-plugins/lf-mu/public/class-lf-mu-public.php
+++ b/web/wp-content/mu-plugins/wp-mu-plugins/lf-mu/public/class-lf-mu-public.php
@@ -222,6 +222,12 @@ function ( $headers ) {
 
 		// remove application passwords.
 		add_filter( 'wp_is_application_passwords_available', '__return_false' );
+
+		 // Add strict-origin-when-cross-origin referrer policy.
+		 add_action( 'wp_head', 'wp_strict_cross_origin_referrer' );
+
+		 // Add X-Frame-Options SAMEORIGIN.
+		 add_action( 'send_headers', 'send_frame_options_header', 10, 0 );
 	}
 
 	/**
@@ -340,7 +346,7 @@ public function add_header_cache() {
 	 * or ignore certain other authors.
 	 *
 	 * @param string $display_name Display name.
-	 * 
+	 *
 	 */
 	public function rss_author_prep( $display_name ) {
 		if ( is_feed() ) {
@@ -358,7 +364,7 @@ public function rss_author_prep( $display_name ) {
 				return $display_name;
 			}
 		}
-	
+
 		return $display_name;
 	}
 }