diff --git a/AKPlanning/settings.py b/AKPlanning/settings.py
index 1a53cb2b1aa4d77f1f3b098df9d21cf7d0d15323..835a02817d6bad4c065e06d4ff54f0a00b9af631 100644
--- a/AKPlanning/settings.py
+++ b/AKPlanning/settings.py
@@ -63,6 +63,7 @@ MIDDLEWARE = [
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
+    'csp.middleware.CSPMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'simple_history.middleware.HistoryRequestMiddleware',
 ]
@@ -194,4 +195,13 @@ DASHBOARD_RECENT_MAX = 25
 SIMPLE_BACKEND_REDIRECT_URL = "/user/"
 LOGIN_REDIRECT_URL = SIMPLE_BACKEND_REDIRECT_URL
 
+# Content Security Policy
+CSP_DEFAULT_SRC = ("'self'",)
+CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")
+CSP_STYLE_SRC = ("'self'", "'unsafe-inline'", "fonts.googleapis.com")
+CSP_IMG_SRC = ("*", "data:")
+CSP_MEDIA_SRC = ("*", )
+CSP_FRAME_SRC = ("'self'", )
+CSP_FONT_SRC = ("'self'", "data:", "fonts.gstatic.com")
+
 include(optional("settings/*.py"))
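Review bot: `CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")` on the new line above leaves script-src permitting any inline script, which forfeits most of the XSS mitigation a CSP is meant to provide; the comment block should say why that exception is needed and what the path off it is, e.g. `# 'unsafe-inline' in script-src is a stopgap for the templates' inline <script> blocks; move them to static files or nonces (CSP_INCLUDE_NONCE_IN) and drop it`. The wildcard `CSP_IMG_SRC = ("*", "data:")` and `CSP_MEDIA_SRC = ("*", )` likewise deserve a one-line note naming the external hosts they are meant to allow, so a later reader can tighten them. Since these directives are enforced immediately, consider rolling out with `CSP_REPORT_ONLY = True` plus a `CSP_REPORT_URI` first so violations surface in logs rather than as broken pages. Note that `include(optional("settings/*.py"))` runs after these assignments, so a deployment-local settings file can still override them; that is presumably intended but worth a comment.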
diff --git a/requirements.txt b/requirements.txt
index 176ecddcb86a08622ed74567a87ff7fc64f0cc3e..2d21e5a5cdf1e4161852a84c8ab11db7eb9b3f2e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,5 +8,6 @@ django-simple-history==3.0.0
 django-registration-redux==2.9
 django-debug-toolbar==3.2.1
 django-bootstrap-datepicker-plus==3.0.5
+django-csp==3.7
 mysqlclient==2.0.3  # for production deployment
 pytz==2021.1