diff --git a/.htaccess b/.htaccess
index 7a07f4c..0b2cae6 100644
--- a/.htaccess
+++ b/.htaccess
@@ -23,6 +23,13 @@
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
+
+ # Ensure that X-Forwarded-Host is only allowed to determine the request
+ # hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
+ # Note that in a future release this setting will be always on.
+ #SetEnv BlockUntrustedProxyHeaders true
+
+
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4