diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -61,6 +61,23 @@
 		add_compiler_flag(-fPIE)
 		add_linker_flag(-pie)
 	endif()
+	
+	# Enable stack protection
+	add_cxx_compiler_flag(-fstack-protector-all -Wstack-protector)
+	
+	# Enable some buffer overflow checking
+	add_compiler_flag(-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2)
+	
+	# Make the relocated sections read-only
+	add_linker_flag(-Wl,-z,relro -Wl,-z,now)
+
+	# Enable ASLR (these flags are primarily targeting MinGw)
+	add_linker_flag(-Wl,--dynamicbase -Wl,--nxcompat -Wl,--high-entropy-va)
+	
+	if(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
+		# MinGw provides its own libssp for stack smashing protection
+		add_linker_flag(-lssp)
+	endif()
 endif()
 
 # Enable warning