diff --git a/server.js b/server.js
index ddc20a0..2d96c09 100644
--- a/server.js
+++ b/server.js
@@ -3,7 +3,7 @@
 var express     = require('express');
 var bodyParser  = require('body-parser');
 var cors        = require('cors');
-
+var helmet = require('helmet');
 var apiRoutes         = require('./routes/api.js');
 var fccTestingRoutes  = require('./routes/fcctesting.js');
 var runner            = require('./test-runner');
@@ -16,6 +16,11 @@ app.use(cors({origin: '*'})); //USED FOR FCC TESTING PURPOSES ONLY!
 
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({ extended: true }));
+app.use( helmet( {
+  noCache       : true,
+  hidePoweredBy : { setTo: 'PHP 4.2.0' },
+  xssFilter     : true,
+} ) );
 
 //Index page (static HTML)
 app.route('/')