diff --git a/main.go b/main.go
index 25cb89f..ea4dac8 100644
--- a/main.go
+++ b/main.go
@@ -104,15 +104,18 @@ func main() {
 	dbConnect()
 	initTemplates()
 	muxRouter := init_route_handlers()
-	errHandler := csrf.ErrorHandler( CSRFErrorHandler{} )
+	//errHandler := csrf.ErrorHandler( CSRFErrorHandler{} )
 
 	// Terrible. TODO: Get SSL for prod, and then wrap in if(dev) { {
-	csrfSecurityOption := csrf.Secure(false)
-	csrfMaxTimeOption := csrf.MaxAge(3600 * 24 * 3) // 3 Days - a little more wiggle room
+	//csrfSecurityOption := csrf.Secure(false)
+	//csrfMaxTimeOption := csrf.MaxAge(3600 * 24 * 3) // 3 Days - a little more wiggle room
 
 	fmt.Println("Listening on", config.Port, "...")
 
-	err := http.ListenAndServe(":"+config.Port, csrf.Protect([]byte(csrfSecret()), errHandler, csrfSecurityOption, csrfMaxTimeOption)(muxRouter))
+	// Disabled CSRF until SSL (and sorting why the popup is throwing CSRF errs
+	//   for tor and FF with ublock + https everywhere)
+	//err := http.ListenAndServe(":"+config.Port, csrf.Protect([]byte(csrfSecret()), errHandler, csrfSecurityOption, csrfMaxTimeOption)(muxRouter))
+	err := http.ListenAndServe(":"+config.Port, muxRouter)
 	if err != nil {
 		fmt.Println("Fatal Error: ", err)
 	}