diff --git a/server.js b/server.js
index 3736c11..11befa5 100644
--- a/server.js
+++ b/server.js
@@ -31,12 +31,9 @@ app.use(
     }
   })
 );
-app.use(
-  helmet({
-    frameguard: false
-  })
-);
-app.use(referrerPolicy({ policy: "origin-when-cross-origin" }));
+app.use(helmet());
+app.use(helmet.frameguard({ action: "sameorigin" }));
+app.use(referrerPolicy({ policy: "origin" }));
 
 app.use(cors());
 mongoose.promise = global.Promise;