diff --git a/Core/Frameworks/Baikal/WWWRoot/cal.php b/Core/Frameworks/Baikal/WWWRoot/cal.php
index 0fb9eee..8d6afc5 100644
--- a/Core/Frameworks/Baikal/WWWRoot/cal.php
+++ b/Core/Frameworks/Baikal/WWWRoot/cal.php
@@ -24,6 +24,10 @@ * This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
+ini_set("session.cookie_httponly", 1);
+ini_set("display_errors", 0);
+ini_set("log_errors", 1);
+
 define("BAIKAL_CONTEXT", TRUE);
 define("PROJECT_CONTEXT_BASEURI", "/");
diff --git a/Core/Frameworks/Baikal/WWWRoot/index.php b/Core/Frameworks/Baikal/WWWRoot/index.php
index 22fadb9..fdc38ef 100755
--- a/Core/Frameworks/Baikal/WWWRoot/index.php
+++ b/Core/Frameworks/Baikal/WWWRoot/index.php
@@ -23,6 +23,11 @@ * * This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
+
+ini_set("session.cookie_httponly", 1);
+ini_set("display_errors", 0);
+ini_set("log_errors", 1);
+
 define("BAIKAL_CONTEXT", TRUE);
 define("PROJECT_CONTEXT_BASEURI", "/");
diff --git a/Core/Frameworks/BaikalAdmin/WWWRoot/index.php b/Core/Frameworks/BaikalAdmin/WWWRoot/index.php
index 250acfa..ea10540 100755
--- a/Core/Frameworks/BaikalAdmin/WWWRoot/index.php
+++ b/Core/Frameworks/BaikalAdmin/WWWRoot/index.php
@@ -24,7 +24,9 @@ * This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
-ini_set("display_errors", 1);
+ini_set("session.cookie_httponly", 1);
+ini_set("display_errors", 0);
+ini_set("log_errors", 1);
 error_reporting(E_ALL);
 define("BAIKAL_CONTEXT", TRUE);
diff --git a/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php b/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php
index d761b1f..4789fe8 100755
--- a/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php
+++ b/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php
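Review bot: The added `ini_set("session.cookie_httponly", 1);` in cal.php gives the session cookie HttpOnly but not the Secure flag, so on a deployment that also answers over plain HTTP the session identifier can still travel unencrypted. Whether the site is always served over HTTPS is not visible from this diff; if it is, add `ini_set("session.cookie_secure", 1);` next to it, ideally guarded by a check that the current request is HTTPS so plain-HTTP installs keep working. The same three-line block is added in the hunks for Baikal/WWWRoot/index.php, BaikalAdmin/WWWRoot/index.php and BaikalAdmin/WWWRoot/install/index.php, and the same applies there.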
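Review bot: In Baikal/WWWRoot/index.php the added `ini_set("log_errors", 1);` turns logging on without fixing the reporting level, whereas the two BaikalAdmin entry points keep `error_reporting(E_ALL);` directly after the same block. Unless the level is set further down, outside this hunk, what reaches the log here depends on the host's php.ini. Adding `error_reporting(E_ALL);` after the three ini_set() calls would make the entry points consistent; the cal.php hunk has the same gap.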
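Review bot: The hardening block in BaikalAdmin/WWWRoot/index.php is the third verbatim copy of the same three ini_set() calls, and a fourth follows in install/index.php, so a later change to one entry point can easily miss the others. Consider moving the block into one small file that every entry point includes first, or at least add a comment above it such as `// Keep in sync with the other WWWRoot entry points`. Since `display_errors` changes from 1 to 0 here, a short comment saying that errors now go to the PHP error log would also help administrators who used to see them in the browser.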
@@ -24,7 +24,9 @@ * This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
-ini_set("display_errors", 1);
+ini_set("session.cookie_httponly", 1);
+ini_set("display_errors", 0);
+ini_set("log_errors", 1);
 error_reporting(E_ALL);
 define("BAIKAL_CONTEXT", TRUE);
diff --git a/Core/Frameworks/Flake/Controller/Page.php b/Core/Frameworks/Flake/Controller/Page.php
index d37b8d4..6e0c156 100644
--- a/Core/Frameworks/Flake/Controller/Page.php
+++ b/Core/Frameworks/Flake/Controller/Page.php
@@ -73,6 +73,9 @@ class Page extends \Flake\Core\Render\Container {
 public function injectHTTPHeaders() {
 header("Content-Type: text/html; charset=UTF-8");
+
+ header("X-Frame-Options: DENY"); # Prevent Clickjacking attacks
+ header("X-Content-Type-Options: nosniff"); # Prevent code injection via mime type sniffing
 }
 public function render() {
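Review bot: `X-Frame-Options: DENY` in injectHTTPHeaders() is the legacy framing control; the current standard is the CSP `frame-ancestors` directive, so I would add `header("Content-Security-Policy: frame-ancestors 'none'");` alongside it, provided no other Content-Security-Policy header is already set elsewhere. Both new headers are emitted only for responses rendered through Page, so any output that bypasses this controller gets neither; whether cal.php goes through Page is not visible here and is worth confirming. The nosniff comment could state the effect more precisely, e.g. `# Stop browsers from guessing a content type other than the declared one`. render() continues outside the hunk.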