diff --git a/lib/public/AppFramework/Http/Response.php b/lib/public/AppFramework/Http/Response.php
index f46aa9e2880fd..186190956948e 100644
--- a/lib/public/AppFramework/Http/Response.php
+++ b/lib/public/AppFramework/Http/Response.php
@@ -106,11 +106,11 @@ public function __construct() {
 	 * @since 6.0.0 - return value was added in 7.0.0
 	 */
 	public function cacheFor(int $cacheSeconds) {
-		if($cacheSeconds > 0) {
-			$this->addHeader('Cache-Control', 'max-age=' . $cacheSeconds . ', must-revalidate');
+		if ($cacheSeconds > 0) {
+			$this->addHeader('Cache-Control', 'private, max-age=' . $cacheSeconds . ', must-revalidate');
 
 			// Old scool prama caching
-			$this->addHeader('Pragma', 'public');
+			$this->addHeader('Pragma', 'private');
 
 			// Set expires header
 			$expires = new \DateTime();
diff --git a/tests/lib/AppFramework/Http/ResponseTest.php b/tests/lib/AppFramework/Http/ResponseTest.php
index 9d6442ea3ce25..257535171ca0a 100644
--- a/tests/lib/AppFramework/Http/ResponseTest.php
+++ b/tests/lib/AppFramework/Http/ResponseTest.php
@@ -239,8 +239,8 @@ public function testCacheSeconds() {
 		$this->childResponse->cacheFor(33);
 
 		$headers = $this->childResponse->getHeaders();
-		$this->assertEquals('max-age=33, must-revalidate', $headers['Cache-Control']);
-		$this->assertEquals('public', $headers['Pragma']);
+		$this->assertEquals('private, max-age=33, must-revalidate', $headers['Cache-Control']);
+		$this->assertEquals('private', $headers['Pragma']);
 		$this->assertEquals('Thu, 15 Jan 1970 06:56:40 +0000', $headers['Expires']);
 	}
 
@@ -270,7 +270,7 @@ public function testChainability() {
 		$this->assertEquals(Http::STATUS_NOT_FOUND, $this->childResponse->getStatus());
 		$this->assertEquals('hi', $this->childResponse->getEtag());
 		$this->assertEquals('Thu, 01 Jan 1970 00:00:01 +0000', $headers['Last-Modified']);
-		$this->assertEquals('max-age=33, must-revalidate',
+		$this->assertEquals('private, max-age=33, must-revalidate',
 			$headers['Cache-Control']);
 
 	}