diff --git a/config/settings/base.py b/config/settings/base.py
index d9df4e87..b3ca72cd 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -35,6 +35,7 @@
 # ------------------------------------------------------------------------------
 # Hosts/domain names that are valid for this site
 ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['*'])
+USE_X_FORWARDED_HOST = env.bool('DJANGO_USE_X_FORWARDED_HOST', default=False)
 
 # APP CONFIGURATION
 # ------------------------------------------------------------------------------
diff --git a/config/settings/production.py b/config/settings/production.py
index 9d86f543..792d0c36 100644
--- a/config/settings/production.py
+++ b/config/settings/production.py
@@ -43,6 +43,8 @@
 )
 CSRF_COOKIE_SECURE = True
 CSRF_COOKIE_HTTPONLY = True
+CSRF_TRUSTED_ORIGINS = env.list('DJANGO_CSRF_TRUSTED_ORIGINS', default=[])
+CSRF_COOKIE_DOMAIN = env.str('DJANGO_CSRF_COOKIE_DOMAIN', default=None)
 X_FRAME_OPTIONS = 'DENY'
 
 INSTALLED_APPS += ['gunicorn']
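Review bot: `USE_X_FORWARDED_HOST` becomes switchable directly below `ALLOWED_HOSTS`, whose default in the context line is `['*']`, so with the flag on and `DJANGO_ALLOWED_HOSTS` unset the request host comes from a client-supplied `X-Forwarded-Host` header with no validation. Anything derived from `request.get_host()` (absolute URLs, password-reset links) would then reflect whatever the client sent, unless the fronting proxy overwrites the header. The `False` default is right; I would add a comment above the new line such as `# Enable only behind a proxy that overwrites X-Forwarded-Host, and set DJANGO_ALLOWED_HOSTS explicitly`. Whether production.py overrides the `['*']` default is not visible in this diff.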
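Review bot: The two new settings in production.py carry no comment on which values are safe, and both widen CSRF trust when set loosely. A `DJANGO_CSRF_COOKIE_DOMAIN` naming a parent domain, for example `.example.com` (constructed value), shares the CSRF cookie with every subdomain and makes Django accept referers from them. Each `DJANGO_CSRF_TRUSTED_ORIGINS` entry is likewise accepted as a source of unsafe requests. I would add a comment above them along the lines of `# Keep both narrow: every origin listed or subdomain covered here may submit state-changing requests`. The entry format expected for trusted origins depends on the Django version, which this diff does not show, so the comment should state it too.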