diff --git a/README.md b/README.md
index 3f5436c..d988a1d 100644
--- a/README.md
+++ b/README.md
@@ -23,7 +23,7 @@ wp secure flush
 ```
 ### Add Security Headers
-Adds the HSTS, Referrer-Policy, X-Content-Type-Options, X-Frame-Options and X-XSS-Protection
+Adds the HSTS, Referrer-Policy, X-Content-Type-Options and X-Frame-Options
 You can choose to add all above or only one or more by using `--headers` argument.
diff --git a/src/SubCommands/AddSecurityHeaders.php b/src/SubCommands/AddSecurityHeaders.php
index 5a165e1..af33d36 100644
--- a/src/SubCommands/AddSecurityHeaders.php
+++ b/src/SubCommands/AddSecurityHeaders.php
@@ -14,8 +14,7 @@ public function getTemplateVars() : array {
 'Strict-Transport-Security' => '"max-age=63072000; includeSubDomains; preload"',
 'Referrer-Policy' => 'strict-origin-when-cross-origin',
 'X-Content-Type-Options' => 'nosniff',
- 'X-Frame-Options' => 'SAMEORIGIN',
- 'X-XSS-Protection' => '"1; mode=block"'
+ 'X-Frame-Options' => 'SAMEORIGIN'
 ];
 $headers = $this->commandArguments['headers'] ?? array_keys($default_headers);
diff --git a/tests/Feature/AddSecurityHeadersTest.php b/tests/Feature/AddSecurityHeadersTest.php
index a729ada..28cad33 100644
--- a/tests/Feature/AddSecurityHeadersTest.php
+++ b/tests/Feature/AddSecurityHeadersTest.php
@@ -25,7 +25,6 @@ public function testItWillContainAllHeadersOnNginx() : void {
 $this->assertNotEmpty($response->getHeaderLine( 'Referrer-Policy' ));
 $this->assertNotEmpty($response->getHeaderLine( 'x-content-type-options' ));
 $this->assertNotEmpty($response->getHeaderLine( 'X-Frame-Options' ));
- $this->assertNotEmpty($response->getHeaderLine( 'X-XSS-Protection' ));
 }
 public function testItWillContainAllHeadersOnApache() : void {
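Review bot: In src/SubCommands/AddSecurityHeaders.php, a caller that still passes `X-XSS-Protection` through `--headers` now supplies a name with no entry in `$default_headers`, and nothing in the visible lines rejects it. `$headers` is taken directly from `$this->commandArguments['headers']`; how the rest of getTemplateVars() looks each name up is outside the hunk, so this is inferred, but an undefined-key notice or an empty header directive in the generated server config are the likely outcomes. I would drop names that are not keys of `$default_headers` right after that assignment and report them to the user. A one-line comment above the array, such as `// X-XSS-Protection is intentionally absent: the browser XSS auditor is deprecated, use Content-Security-Policy instead`, would also keep the entry from being re-added.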
@@ -35,6 +34,5 @@ public function testItWillContainAllHeadersOnApache() : void {
 $this->assertNotEmpty($response->getHeaderLine( 'Referrer-Policy' ));
 $this->assertNotEmpty($response->getHeaderLine( 'x-content-type-options' ));
 $this->assertNotEmpty($response->getHeaderLine( 'X-Frame-Options' ));
- $this->assertNotEmpty($response->getHeaderLine( 'X-XSS-Protection' ));
 }
 }
\ No newline at end of file