title: Configure Helmet Using the ‘parent’ helmet() Middleware
challengeType: 2
---
## Description
<sectionid='description'>
As a reminder, this project is being built upon the following starter project on <ahref='https://glitch.com/#!/import/github/freeCodeCamp/boilerplate-infosec/'>Glitch</a>, or cloned from <ahref='https://github.com/freeCodeCamp/boilerplate-infosec/'>GitHub</a>.
<code>app.use(helmet())</code> will automatically include all the middleware introduced above, except <code>noCache()</code>, and <code>contentSecurityPolicy()</code>, but these can be enabled if necessary. You can also disable or configure any other middleware individually, using a configuration object.
We introduced each middleware separately for teaching purposes and for ease of testing. Using the ‘parent’<code>helmet()</code> middleware is easy to implement in a real project.