diff --git a/docker/README.md b/docker/README.md
index eb3c76498ffaf3f780f14c9b4be348000b099676..9636ff324e43b29c67fa367165370bbbf5c3a5f7 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -16,10 +16,6 @@ To use this image, you need a running instance of PostgreSQL and to configure th
 * AUTHENTICATION: true for production, false for development.
 
 
-### RELEASE STAGE ###
-* PRODUCTION: Deployed on production? (True/False) Default is True.
-
-
 ### DATABASE CONFIGURATION ###
 * PORTAL_DB_URL: JDBC URL to connect to the portal database, default value is "jdbc:postgresql://127.0.0.1:5432/portal".
 * PORTAL_DB_SCHEMA: Database schema, default value is "public".
diff --git a/docker/config/application.tmpl b/docker/config/application.tmpl
index 423baccff30b89cd211744ffef45325092cd9096..5859f78a8e9bb52fb8dae1c4083ca3a6b2485334 100644
--- a/docker/config/application.tmpl
+++ b/docker/config/application.tmpl
@@ -14,11 +14,6 @@ authentication:
   enabled: {{ default .Env.AUTHENTICATION "true" }}
 
 
-### RELEASE STAGE ###
-release_stage:
-  production: {{ default .Env.PRODUCTION "true" }}
-
-
 ### DATABASE CONFIGURATION ###
 spring:
   portal-datasource:
diff --git a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
index 4e29059450ba102b83fdc9e4744db4c8fc92317e..59929212b6b18d9a377c18fa9adc2fd78e19dfa7 100644
--- a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
+++ b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
@@ -42,9 +42,6 @@ public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter
     @Value("#{'${authentication.enabled}'}")
     private boolean authenticationEnabled;
 
-    @Value("#{'${release_stage.production}'}")
-    private boolean deployedOnProduction;
-
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         super.configure(http);
@@ -56,19 +53,14 @@ public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter
                             "/v2/api-docs", "/swagger-ui/**", "/swagger-resources/**"  // Swagger URLs
                     ).permitAll()
                     .antMatchers("/galaxy*", "/galaxy/*").hasRole("DATA MANAGER")
-                    .anyRequest().hasRole("RESEARCHER");
+                    .anyRequest().hasRole("RESEARCHER")
+                    .and().csrf().ignoringAntMatchers("/logout").csrfTokenRepository(csrfTokenRepository())
+                    .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
         } else {
             http.antMatcher("/**")
                     .authorizeRequests()
-                    .antMatchers("/**").permitAll();
-        }
-
-        if (!deployedOnProduction) {
-            // If deployed for development, csrf can be disabled
-            http.csrf().disable();
-        } else {
-            http.csrf().ignoringAntMatchers("/logout").csrfTokenRepository(csrfTokenRepository())
-                    .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
+                    .antMatchers("/**").permitAll()
+                    .and().csrf().disable();
         }
     }
 
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index a62d819f6d0e997572151fc9d7e8f09e6dd029d5..84053f9128a3a2c724ae1aa3ecab8ad0ff9b2e39 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -14,11 +14,6 @@ authentication:
   enabled: true
 
 
-### RELEASE STAGE ###
-release_stage:
-  production: true
-
-
 ### DATABASE CONFIGURATION ###
 spring:
   portal-datasource: