diff --git a/server/src/app.js b/server/src/app.js
index c0a1241..d3dbdbd 100644
--- a/server/src/app.js
+++ b/server/src/app.js
@@ -1,16 +1,28 @@
 const express = require('express');
 const bodyParser = require('body-parser');
 const path = require('path');
+const cors = require('cors');
 const { initializeDatabase } = require('./config/database');
 const snippetRoutes = require('./routes/snippetRoutes');
 
 const app = express();
 const port = process.env.PORT || 5000;
 
+app.use(cors({
+  origin: true,
+  credentials: true
+}));
+
 app.use(bodyParser.json());
 app.use(express.static(path.join(__dirname, '../../client/build')));
 
 app.set('trust proxy', true);
+app.use((req, res, next) => {
+  res.header('X-Powered-By', null);
+  res.header('X-Frame-Options', 'SAMEORIGIN');
+  res.header('X-Content-Type-Options', 'nosniff');
+  next();
+});
 
 app.use('/api/snippets', snippetRoutes);