diff --git a/config/settings/common.py b/config/settings/common.py
index f159722e2..fc60f08b0 100644
--- a/config/settings/common.py
+++ b/config/settings/common.py
@@ -242,6 +242,7 @@
 
 # Set the session cookie in admin, defaults to 20 minutes
 SESSION_COOKIE_AGE = env('SESSION_COOKIE_AGE', default=20 * 60)
+SESSION_COOKIE_SECURE = True
 
 # Staff SSO integration settings