diff --git a/services/web/app/src/infrastructure/Server.js b/services/web/app/src/infrastructure/Server.js
index 0ab677dbb5..740e5122c4 100644
--- a/services/web/app/src/infrastructure/Server.js
+++ b/services/web/app/src/infrastructure/Server.js
@@ -161,7 +161,7 @@ webRouter.use(
     },
     store: sessionStore,
     key: Settings.cookieName,
-    rolling: true,
+    rolling: Settings.cookieRollingSession === true,
   })
 )
 if (Features.hasFeature('saas')) {
@@ -203,23 +203,25 @@ webRouter.use(webRouter.csrf.middleware)
 webRouter.use(translations.i18nMiddleware)
 webRouter.use(translations.setLangBasedOnDomainMiddleware)
 
-// Measure expiry from last request, not last login
-webRouter.use(function (req, res, next) {
-  if (!req.session.noSessionCallback) {
-    req.session.touch()
-    if (SessionManager.isUserLoggedIn(req.session)) {
-      UserSessionsManager.touch(
-        SessionManager.getSessionUser(req.session),
-        err => {
-          if (err) {
-            logger.err({ err }, 'error extending user session')
+if (Settings.cookieRollingSession) {
+  // Measure expiry from last request, not last login
+  webRouter.use(function (req, res, next) {
+    if (!req.session.noSessionCallback) {
+      req.session.touch()
+      if (SessionManager.isUserLoggedIn(req.session)) {
+        UserSessionsManager.touch(
+          SessionManager.getSessionUser(req.session),
+          err => {
+            if (err) {
+              logger.err({ err }, 'error extending user session')
+            }
           }
-        }
-      )
+        )
+      }
     }
-  }
-  next()
-})
+    next()
+  })
+}
 
 webRouter.use(ReferalConnect.use)
 expressLocals(webRouter, privateApiRouter, publicApiRouter)
diff --git a/services/web/config/settings.defaults.js b/services/web/config/settings.defaults.js
index e03e32ddb7..ca4b0e0cf5 100644
--- a/services/web/config/settings.defaults.js
+++ b/services/web/config/settings.defaults.js
@@ -264,6 +264,7 @@ module.exports = {
   // replace subdomain with dot to have them accessible on all subdomains
   cookieDomain: process.env.COOKIE_DOMAIN,
   cookieName: process.env.COOKIE_NAME || 'sharelatex.sid',
+  cookieRollingSession: true,
 
   // this is only used if cookies are used for clsi backend
   // clsiCookieKey: "clsiserver"