diff --git a/src/ledger/settings.py b/src/ledger/settings.py
index a42f2f0..090f293 100644
--- a/src/ledger/settings.py
+++ b/src/ledger/settings.py
@@ -26,7 +26,13 @@
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = bool(os.environ.get("DJANGO_DEBUG", default="1"))
 
-ALLOWED_HOSTS = ["*"] if DEBUG else ["localhost", "127.0.0.1"]
+ALLOWED_HOSTS = ["*"] if DEBUG else ["localhost", "127.0.0.1", "ledger.unitystation.org"]
+
+# CSRF
+CSRF_TRUSTED_ORIGINS = ['https://ledger.unitystation.org']
+CORS_ORIGIN_ALLOW_ALL = DEBUG
+CORS_ALLOWED_ORIGINS = ['https://ledger.unitystation.org']
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 
 # Application definition