Helmet helps you secure your Express apps by setting various HTTP headers. It’s not a silver bullet, but it can help. Its adding some special headers to your responses

npm install --save helmet

app.js

...
const helmet = require("helmet");
const app = express();
app.use(helmet());
...