diff --git a/.htaccess b/.htaccess
index 7a07f4c..0b2cae6 100644
--- a/.htaccess
+++ b/.htaccess
@@ -23,6 +23,13 @@
 ErrorDocument 404 /assets/error-404.html
 ErrorDocument 500 /assets/error-500.html
 
+<IfModule mod_env.c>
+	# Ensure that X-Forwarded-Host is only allowed to determine the request
+	# hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
+	# Note that in a future release this setting will be always on.
+	#SetEnv BlockUntrustedProxyHeaders true
+</IfModule>
+
 <IfModule mod_rewrite.c>
 
 	# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4