diff --git a/dd-sso/docker/haproxy/haproxy.cnf.parts/backends.cnf b/dd-sso/docker/haproxy/haproxy.cnf.parts/backends.cnf
index 33e096c..d866eed 100644
--- a/dd-sso/docker/haproxy/haproxy.cnf.parts/backends.cnf
+++ b/dd-sso/docker/haproxy/haproxy.cnf.parts/backends.cnf
@@ -49,7 +49,7 @@ backend be_oof
 backend be_wp
 	mode http
 	# Add security headers here, as WP is a tad of a pain to setup
-	http-response set-header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: *; style-src 'self' 'unsafe-inline' data: fonts.googleapis.com maxcdn.bootstrapcdn.com; font-src 'self' data: fonts.gstatic.com maxcdn.bootstrapcdn.com; frame-src youtube.com https://www.youtube.com"
+	http-response set-header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: *; style-src 'self' 'unsafe-inline' data: fonts.googleapis.com maxcdn.bootstrapcdn.com; font-src 'self' data: fonts.gstatic.com maxcdn.bootstrapcdn.com; frame-src 'self' youtube.com https://www.youtube.com"
 	http-response set-header X-Content-Type-Options "nosniff"
 	server wp dd-apps-wordpress:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
 #