1 files changed, 3 insertions, 1 deletions

diff --git a/posts/nfs-multiple-websites.md b/posts/nfs-multiple-websites.md
index 6fd7b0d..8dde1ec 100644
--- a/posts/nfs-multiple-websites.md
+++ b/posts/nfs-multiple-websites.md
@@ -77,7 +77,7 @@ I also recommend setting up better Security Headers directly inside the `.htacce
     Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
 
     # Content Security Policy
-    Header always set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; frame->
+    Header always set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; frame-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self';"
 
     # Prevent Clickjacking (X-Frame-Options)
     Header always set X-Frame-Options "SAMEORIGIN"
@@ -93,6 +93,8 @@ I also recommend setting up better Security Headers directly inside the `.htacce
 </IfModule>
 ~~~
 
+If you plan to have multiple websites that will contain similar security headers, you can have them share a single `.htaccess` file. Simply place your `.htaccess` file in the main root directory (`/home/public`) and you're good to go!
+
 ## Go Live
 
 Include your website files in the proper domain sub folders on the server and you're done. Now you have a single point of entry for all your personal/project websites under one NearlyFreeSpeech "site". You also get to keep some extra coin in your wallet, since this will only cost you a fixed rate of $0.05 a day!