diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix
index 31efb83..b8ed884 100644
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@@ -238,6 +238,7 @@ in
             X-XSS-Protection "1; mode=block"
             # Disallow the site to be rendered within a frame (clickjacking protection)
             X-Frame-Options "SAMEORIGIN"
+            Alt-Svc "h3=\":443\"; ma=86400"
           }
 
           reverse_proxy 127.0.0.1:${toString myData.ports.vaultwarden} {
@@ -281,6 +282,7 @@ in
             Content-Security-Policy "default-src 'self'"
             X-Content-Type-Options "nosniff"
             X-Frame-Options "DENY"
+            Alt-Svc "h3=\":443\"; ma=86400"
 
             /_/* Cache-Control "public, max-age=31536000, immutable"
           }
diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix
index cc10c85..447721c 100644
--- a/modules/services/gitea/default.nix
+++ b/modules/services/gitea/default.nix
@@ -93,6 +93,7 @@
             Content-Security-Policy "frame-ancestors 'none'; default-src 'none'; connect-src 'self'; font-src 'self' data:; form-action 'self'; img-src 'self' https://ga-beacon.appspot.com https://raw.githubusercontent.com https://secure.gravatar.com https://sourcethemes.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self';"
             X-Content-Type-Options "nosniff"
             X-Frame-Options "DENY"
+            Alt-Svc "h3=\":443\"; ma=86400"
           }
 
           reverse_proxy 127.0.0.1:${toString myData.ports.gitea}