diff --git a/opentech/settings/base.py b/opentech/settings/base.py
index 7d2b0b3855d523850e3d37d7e1b63387f27e1a9c..e5e94a16c1a91a7463f0db87866ce012fc2ac112 100644
--- a/opentech/settings/base.py
+++ b/opentech/settings/base.py
@@ -596,6 +596,10 @@ if env.get('SECURE_BROWSER_XSS_FILTER', 'true').lower().strip() == 'true':
 if env.get('SECURE_CONTENT_TYPE_NOSNIFF', 'true').lower().strip() == 'true':
     SECURE_CONTENT_TYPE_NOSNIFF = True
 
+if env.get('COOKIE_SECURE', 'false').lower().strip() == 'true':
+    SESSION_COOKIE_SECURE = True
+    CSRF_COOKIE_SECURE = True
+
 
 # Referrer-policy header settings
 # https://django-referrer-policy.readthedocs.io/en/1.0/
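Review bot: The new `COOKIE_SECURE` toggle defaults to `'false'`, while the `SECURE_BROWSER_XSS_FILTER` and `SECURE_CONTENT_TYPE_NOSNIFF` toggles just above it default to `'true'`. A deployment that never sets the variable therefore gets session and CSRF cookies without the Secure flag, so they can be sent over plain HTTP. Consider making it opt-out like its neighbours, `if env.get('COOKIE_SECURE', 'true').lower().strip() == 'true':`, and have local HTTP development set `COOKIE_SECURE=false` explicitly. If the `'false'` default is deliberate for compatibility with existing non-HTTPS installs, say so in a comment above the block, for example `# Must be set to 'true' on any HTTPS deployment; off by default only for local HTTP development.` The added block also leaves two blank lines before the Referrer-policy comment; one is enough.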
diff --git a/opentech/settings/local.py.example b/opentech/settings/local.py.example
index 51c46d10dd4a0fa92cc68fe000b0fd26d19a30dd..af1a71bdd97806311a13acdae7e54af15a4b5cea 100644
--- a/opentech/settings/local.py.example
+++ b/opentech/settings/local.py.example
@@ -25,3 +25,7 @@ CACHES = {
 
 # Enable Wagtail Cache while developing
 # WAGTAIL_CACHE = True
+
+# If you have a problem with "CSRF cookie not set".
+# CSRF_COOKIE_SAMESITE = None
+# SESSION_COOKIE_SAMESITE = None
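Review bot: The example comment presents the two SameSite overrides only as a fix for "CSRF cookie not set" and does not mention what they give up. Removing SameSite from the session and CSRF cookies lets the browser attach them to cross-site requests, which drops a layer of CSRF protection. Since `local.py.example` is likely to be copied as-is, I would reword the comment to something like `# Local development only: drops the SameSite attribute from the session and CSRF cookies, weakening cross-site request protection. Never use in production.` It would also help to note which setup triggers the error, so readers do not apply the workaround when the cause is something else.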