diff --git a/admin_manual/installation/nginx.rst b/admin_manual/installation/nginx.rst
index f34e8e297..e68333741 100644
--- a/admin_manual/installation/nginx.rst
+++ b/admin_manual/installation/nginx.rst
@@ -72,6 +72,7 @@ webroot of your nginx installation. In this example it is
 add_header X-Download-Options noopen;
 add_header X-Permitted-Cross-Domain-Policies none;
 add_header Referrer-Policy no-referrer;
+ add_header X-Frame-Options "SAMEORIGIN";
 # Remove X-Powered-By, which is an information leak
 fastcgi_hide_header X-Powered-By;
@@ -169,6 +170,7 @@ webroot of your nginx installation. In this example it is
 add_header X-Download-Options noopen;
 add_header X-Permitted-Cross-Domain-Policies none;
 add_header Referrer-Policy no-referrer;
+ add_header X-Frame-Options "SAMEORIGIN";
 # Optional: Don't log access to assets
 access_log off;
@@ -223,6 +225,7 @@ your nginx installation.
 add_header X-Download-Options noopen;
 add_header X-Permitted-Cross-Domain-Policies none;
 add_header Referrer-Policy no-referrer;
+ add_header X-Frame-Options "SAMEORIGIN";
 # Remove X-Powered-By, which is an information leak
 fastcgi_hide_header X-Powered-By;
@@ -320,6 +323,7 @@ your nginx installation.
 add_header X-Download-Options noopen;
 add_header X-Permitted-Cross-Domain-Policies none;
 add_header Referrer-Policy no-referrer;
+ add_header X-Frame-Options "SAMEORIGIN";
 # Optional: Don't log access to assets
 access_log off;
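Review bot: The four added `add_header X-Frame-Options "SAMEORIGIN";` lines (hunks at 72, 169, 223 and 320) carry no `always` parameter, so nginx emits the header only on its default set of success and redirect status codes and error responses are served without the framing restriction; `add_header X-Frame-Options "SAMEORIGIN" always;` would cover them. If the application behind fastcgi already sends its own X-Frame-Options, which cannot be seen from these hunks, responses would carry the header twice, so that is worth checking before merging. A short comment above each added line, such as `# Restrict framing to same-origin pages (clickjacking protection)`, would tell admins copying the example why the header is there. The enclosing server and location blocks begin and end outside the hunks.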