diff --git a/config.toml b/config.toml
index 4932ce4..0c2faea 100644
--- a/config.toml
+++ b/config.toml
@@ -154,8 +154,8 @@ style = "github-dark"
 childsrc = ["'self'"]
 fontsrc = ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net/"]
 formaction = ["'self'"]
-framesrc = ["'self'", "https://www.youtube.com"]
-imgsrc = ["'self'"]
+framesrc = ["'self'", "https://www.youtube.com", "https://disqus.com"]
+imgsrc = ["'self'", "https://referrer.disqus.com", "https://c.disquscdn.com", "https://*.disqus.com"]
 objectsrc = ["'none'"]
 stylesrc = [
   "'self'",
@@ -178,7 +178,7 @@ scriptsrc = [
 ]
 prefetchsrc = ["'self'"]
 # connect-src directive – defines valid targets for to XMLHttpRequest (AJAX), WebSockets or EventSource
-connectsrc = ["'self'", "https://www.google-analytics.com", "https://pagead2.googlesyndication.com", "https://cloudflareinsights.com", "ws://localhost:1313", "ws://localhost:*", "wss://localhost:*"]
+connectsrc = ["'self'", "https://www.google-analytics.com", "https://pagead2.googlesyndication.com", "https://cloudflareinsights.com", "ws://localhost:1313", "ws://localhost:*", "wss://localhost:*", "https://links.services.disqus.com", "https://*.disqus.com"]
 
 # Social links
 [[params.social]]