diff --git a/services/web/app.coffee b/services/web/app.coffee
index 5b96d1db0b..3d45307e5d 100644
--- a/services/web/app.coffee
+++ b/services/web/app.coffee
@@ -19,6 +19,10 @@ argv = require("optimist")
 .argv
 Server.app.use (error, req, res, next) ->
+ if error?.code is 'EBADCSRFTOKEN'
+ logger.log err: error,url:req.url, method:req.method, user:req?.sesson?.user, "invalid csrf"
+ res.sendStatus(403)
+ return
 logger.error err: error, url:req.url, method:req.method, user:req?.sesson?.user, "error passed to top level next middlewear"
 res.statusCode = error.status or 500
 if res.statusCode == 500