diff --git a/src/routes/index.ts b/src/routes/index.ts
index a9403ab26..7cc0a5014 100644
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@@ -23,6 +23,11 @@ function index(req: Request, res: Response) {
 const csrfToken = req.csrfToken();
 log.info(`Generated CSRF token ${csrfToken} with secret ${res.getHeader('set-cookie')}`);
+ // We force the page to not be cached since on mobile the CSRF token can be
+ // broken when closing the browser and coming back in to the page.
+ // The page is restored from cache, but the API call fail.
+ res.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
+
 res.render(view, {
 csrfToken: csrfToken,
 themeCssUrl: getThemeCssUrl(options.theme),
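Review bot: The added `Cache-Control` header before `res.render` covers HTTP/1.1 caches only; to make the "never cache this CSRF-bearing page" intent hold for HTTP/1.0 intermediaries and older mobile caches it should be paired with `res.setHeader("Pragma", "no-cache"); res.setHeader("Expires", "0");`. Separately, the unchanged `log.info` line directly above the new code writes the freshly generated CSRF token and the raw `Set-Cookie` header (which, per the message text, carries the CSRF secret) to the log at info level; that copies a session-bound secret into log storage and should be dropped or reduced to a presence check rather than left alongside this fix. The new comment's "the API call fail" should read "the API call fails", and it would help to state the actual mechanism being worked around (page restored from the back/forward cache with a stale token) since `no-store` is what prevents that restore in most browsers. The `index` function and the `res.render` call both continue outside the hunk.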