diff --git a/src/Umbraco.Web.Common/ApplicationBuilder/UmbracoApplicationBuilder.cs b/src/Umbraco.Web.Common/ApplicationBuilder/UmbracoApplicationBuilder.cs
index bacd61b45b..707fdc4e1e 100644
--- a/src/Umbraco.Web.Common/ApplicationBuilder/UmbracoApplicationBuilder.cs
+++ b/src/Umbraco.Web.Common/ApplicationBuilder/UmbracoApplicationBuilder.cs
@@ -91,6 +91,8 @@ public class UmbracoApplicationBuilder : IUmbracoApplicationBuilder, IUmbracoEnd
         AppBuilder.UseAuthentication();
         AppBuilder.UseAuthorization();
 
+        AppBuilder.UseAntiforgery();
+
         // This must come after auth because the culture is based on the auth'd user
         AppBuilder.UseRequestLocalization();
 
diff --git a/src/Umbraco.Web.UI/Program.cs b/src/Umbraco.Web.UI/Program.cs
index 780ac4d53e..ce23e48ff6 100644
--- a/src/Umbraco.Web.UI/Program.cs
+++ b/src/Umbraco.Web.UI/Program.cs
@@ -11,11 +11,6 @@ WebApplication app = builder.Build();
 
 await app.BootUmbracoAsync();
 
-if (app.Environment.IsDevelopment())
-{
-    app.UseDeveloperExceptionPage();
-}
-
 #if (UseHttpsRedirect)
 app.UseHttpsRedirection();
 #endif