diff --git a/flake.lock b/flake.lock
index f93d146..aa80b42 100644
--- a/flake.lock
+++ b/flake.lock
@@ -2,11 +2,11 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1704420045,
-        "narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=",
+        "lastModified": 1708161998,
+        "narHash": "sha256-6KnemmUorCvlcAvGziFosAVkrlWZGIc6UNT9GUYr0jQ=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "c1be43e8e837b8dbee2b3665a007e761680f0c3d",
+        "rev": "84d981bae8b5e783b3b548de505b22880559515f",
         "type": "github"
       },
       "original": {
diff --git a/sp-modules/bitwarden/module.nix b/sp-modules/bitwarden/module.nix
index 5bd22f5..9b2d1c9 100644
--- a/sp-modules/bitwarden/module.nix
+++ b/sp-modules/bitwarden/module.nix
@@ -83,7 +83,7 @@ in
         add_header Strict-Transport-Security $hsts_header;
         #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
         add_header 'Referrer-Policy' 'origin-when-cross-origin';
-        add_header X-Frame-Options DENY;
+        add_header X-Frame-Options SAMEORIGIN;
         add_header X-Content-Type-Options nosniff;
         add_header X-XSS-Protection "1; mode=block";
         proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";