diff --git a/.gems b/.gems
index 365f966..0f9dc27 100644
--- a/.gems
+++ b/.gems
@@ -1,5 +1,4 @@
 capybara -v 1.1.2
-cuba -v 3.0.0
 cuba-contrib -v 3.0.0
 cutest -v 1.1.3
 mote -v 0.2.2
@@ -7,3 +6,6 @@ rake -v 0.9.2.2
 shield -v 0.1.0
 pbkdf2 -v 0.1.0
 malone -v 1.0.0.rc1
+cuba -v 3.0.0
+rack-protection -v 1.2.0
+scrivener -v 0.0.3
diff --git a/app.rb b/app.rb
index 43e1b40..caab35f 100644
--- a/app.rb
+++ b/app.rb
@@ -14,6 +14,9 @@
 root: "public",
 urls: ["/js", "/css", "/less", "/img"]
+Cuba.use Rack::Protection
+Cuba.use Rack::Protection::RemoteReferrer
+
 # We use the more secure PBKDF2 password strategy (iterations = 5000)
 Shield::Password.strategy = Shield::Password::PBKDF2
diff --git a/shotgun.rb b/shotgun.rb
index a3e81ff..85a50ea 100644
--- a/shotgun.rb
+++ b/shotgun.rb
@@ -7,3 +7,4 @@
 require "ohm"
 require "pbkdf2"
 require "shield"
+require "rack/protection"
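Review bot: The two `Cuba.use` lines added in app.rb are registered with no session middleware visible ahead of them, and Rack::Protection's default set includes session-based checks (session hijacking, remote token) that expect `env['rack.session']` to be populated by the time they run. If the session middleware is mounted further down in app.rb (outside this hunk), it should move above these lines, with the constraint recorded in a comment such as `# Rack::Protection must come after the session middleware; its session-based checks read rack.session`. Separately, `Rack::Protection::RemoteReferrer` only compares the Referer host and by default lets through requests that send no Referer, so it is best treated as defence in depth rather than the app's CSRF control; a per-form token check such as `Rack::Protection::AuthenticityToken` is the stronger option for state-changing routes.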