diff --git a/roles/httpd/website/templates/securityheaders.conf b/roles/httpd/website/templates/securityheaders.conf
index dd5a1ded4d..6712d74881 100644
--- a/roles/httpd/website/templates/securityheaders.conf
+++ b/roles/httpd/website/templates/securityheaders.conf
@@ -1,6 +1,4 @@
-{% if env == "staging" %}
 Header always set X-Frame-Options "DENY"
 Header always set X-Xss-Protection "1; mode=block"
-{% endif %}
 Header always set X-Content-Type-Options "nosniff"
 Header always set Referrer-Policy "same-origin"