diff --git a/uffd/default_config.cfg b/uffd/default_config.cfg
index 6febfc1a6fdee606baa82da1d424ebc47690bedd..f87d040ae3df32c9f2a2e533720bc3ff1610f18d 100644
--- a/uffd/default_config.cfg
+++ b/uffd/default_config.cfg
@@ -12,6 +12,11 @@ LDAP_USER_MIN_UID=10000
 LDAP_USER_MAX_UID=18999
 
 SESSION_LIFETIME_SECONDS=3600
+# CSRF protection
+SESSION_COOKIE_SECURE=True
+SESSION_COOKIE_HTTPONLY=True
+SESSION_COOKIE_SAMESITE='Strict'
+
 
 ACL_ADMIN_GROUP="uffd_admin"
 ACL_SELFSERVICE_GROUP="uffd_access"
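Review bot: The `# CSRF protection` comment above the three added settings overstates what they do: `SESSION_COOKIE_SECURE` and `SESSION_COOKIE_HTTPONLY` keep the session cookie off plain-HTTP requests and away from scripts, and only `SESSION_COOKIE_SAMESITE='Strict'` bears on CSRF, as defence in depth rather than a replacement for per-request tokens. I would reword it to `# Session cookie hardening; SameSite is defence in depth against CSRF, not a substitute for CSRF tokens`. Two side effects of these defaults deserve a comment too. With `SESSION_COOKIE_SECURE=True`, a deployment served over plain HTTP (for example a development setup) will generally not keep a session. With `'Strict'`, the cookie is not sent on top-level navigations arriving from other sites, so if this service is entered through cross-site links or redirects (not visible in this hunk), users would appear logged out, and `'Lax'` may be the better default.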