diff --git a/app/webroot/.htaccess b/app/webroot/.htaccess
index 1d499ba73..e3543be40 100644
--- a/app/webroot/.htaccess
+++ b/app/webroot/.htaccess
@@ -1,3 +1,9 @@
+# Uncomment the following to prevent the httpoxy vulnerability
+# See: https://httpoxy.org/
+#<IfModule mod_headers.c>
+#	RequestHeader unset Proxy
+#</IfModule>
+
 <IfModule mod_rewrite.c>
 	RewriteEngine On
 	RewriteCond %{REQUEST_FILENAME} !-d