diff --git a/backend/src/Squidex/Areas/Api/Controllers/Assets/AssetContentController.cs b/backend/src/Squidex/Areas/Api/Controllers/Assets/AssetContentController.cs
index 27ca3afbb..e7cc8f194 100644
--- a/backend/src/Squidex/Areas/Api/Controllers/Assets/AssetContentController.cs
+++ b/backend/src/Squidex/Areas/Api/Controllers/Assets/AssetContentController.cs
@@ -120,6 +120,8 @@ namespace Squidex.Areas.Api.Controllers.Assets
 
             if (asset.IsProtected && !Resources.CanReadAssets)
             {
+                Response.Headers[HeaderNames.CacheControl] = $"public,max-age=0";
+
                 return StatusCode(403);
             }