diff --git a/lib/PostText/Controller/Moderator.pm b/lib/PostText/Controller/Moderator.pm
index c5917d4..9730559 100644
--- a/lib/PostText/Controller/Moderator.pm
+++ b/lib/PostText/Controller/Moderator.pm
@@ -39,8 +39,15 @@ sub login($self) {
 if ($v && $v->has_data) {
 $v->required('email' )->size(6, 320);
 $v->required('password')->size(12, undef);
+ $v->csrf_protect;
 
- if ($v->has_error) {
+ if ($v->has_error('csrf_token')) {
+ $self->stash(
+ status => 403,
+ error => 'Something went wrong, please try again. 🥺'
+ );
+ }
+ elsif ($v->has_error) {
 $self->stash(status => 400)
 }
 else {
diff --git a/lib/PostText/Controller/Remark.pm b/lib/PostText/Controller/Remark.pm
index 7af6dd7..cc89179 100644
--- a/lib/PostText/Controller/Remark.pm
+++ b/lib/PostText/Controller/Remark.pm
@@ -36,8 +36,15 @@ sub create($self) {
 $v->required('body' )->size(2, $body_limit);
 $v->optional('bump' );
 $v->optional('preview');
+ $v->csrf_protect;
 
- if ($v->has_error) {
+ if ($v->has_error('csrf_token')) {
+ $self->stash(
+ status => 403,
+ error => 'Something went wrong, please try again. 🥺'
+ )
+ }
+ elsif ($v->has_error) {
 $self->stash(status => 400)
 }
 else {
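Review bot: The new `csrf_token` branch in `login` answers with a 403 but records nothing, so a run of rejected posts against the moderator login leaves no trace for whoever reviews the logs. I would log the rejection before stashing the error, for example `$self->app->log->warn('CSRF token check failed on moderator login');`, and do the same in the matching branch of `create` in `Remark.pm`. The generic user-facing message is fine as it stands; the detail belongs in the log rather than on the page. `login` starts and ends outside this hunk, so something later in the body may already log non-2xx statuses.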
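Review bot: The 403 branch in `create` is a copy of the one added to `login` in `Moderator.pm`, message string included, except that here the `$self->stash(...)` call closes with `)` and no semicolon. That parses as the last statement of the block, but the two copies should not drift; at minimum end it with `);`, and preferably move the status and message into one shared controller helper so the CSRF response is defined once. The templates are not part of the visible diff: presumably the remark and login forms emit the token (for example via `csrf_field`), otherwise every post that carries data will land in this branch. `create` continues outside the hunk.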