diff --git a/mumble-server.service b/mumble-server.service
index 52f5726..8b7d8c6 100644
--- a/mumble-server.service
+++ b/mumble-server.service
@@ -14,6 +14,19 @@ Requires=var-run.mount network.target remote-fs.target time-sync.target
 After=var-run.mount network.target remote-fs.target time-sync.target mysql.target
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 User=mumble-server
 Group=mumble-server
 ExecStart=/usr/sbin/murmurd -fg -ini /etc/mumble-server.ini
diff --git a/mumble.changes b/mumble.changes
index de30621..82cd5b0 100644
--- a/mumble.changes
+++ b/mumble.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Oct  7 10:25:52 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
+
+- Added hardening to systemd service(s) (bsc#1181400). Modified:
+  * mumble-server.service
+
 -------------------------------------------------------------------
 Fri Feb 12 08:53:58 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>