diff --git a/.npmrc b/.npmrc
index 6988e2b..60e76a4 100644
--- a/.npmrc
+++ b/.npmrc
@@ -1 +1,11 @@
-registry = "https://registry.npmjs.org/"
\ No newline at end of file
+# npm security best practices
+# Source: https://github.com/lirantal/npm-security-best-practices
+
+# Do not run any lifecycle hook scripts such as postinstall for packages
+ignore-scripts=true
+
+# Do not allow Git / GitHub related sources for packages
+allow-git=none
+
+# Require at least 30 days since package release
+min-release-age=30
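Review bot: `allow-git=none` and `min-release-age=30` only protect installs on an npm client that recognises these keys. A client that predates them will, as far as I know, ignore the unknown keys (at most with a warning) and install as before, so the file should say which npm it assumes, e.g. `# Requires an npm version that supports allow-git and min-release-age; older clients ignore these keys`, ideally backed by an npm version check in CI. The hunk also removes the explicit `registry` line, so a registry set in a user-level or global npmrc would now apply to this project. Keeping `registry=https://registry.npmjs.org/` next to the new settings preserves that pin. Above `ignore-scripts=true`, a comment should warn that the project's own install hooks and pre/post scripts stop running too, so dependencies that need a build step must be rebuilt explicitly.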