diff --git a/config/site_settings.yml b/config/site_settings.yml
index d36ccedf892..038b2b6b0b7 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -1396,7 +1396,7 @@ security:
 list_type: compact
 slow_down_crawler_rate: 60
 content_security_policy:
- default: false
+ default: true
 content_security_policy_report_only:
 default: false
 content_security_policy_collect_reports:
diff --git a/db/migrate/20190110142917_enable_content_security_policy_for_new_sites.rb b/db/migrate/20190110142917_enable_content_security_policy_for_new_sites.rb
deleted file mode 100644
index c5b8e11d813..00000000000
--- a/db/migrate/20190110142917_enable_content_security_policy_for_new_sites.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-class EnableContentSecurityPolicyForNewSites < ActiveRecord::Migration[5.2]
- def up
- return if Rails.env.test?
- return if row_exists?
-
- if instance_is_new?
- execute "INSERT INTO site_settings(name, data_type, value, created_at, updated_at)
- VALUES ('content_security_policy', 5, 't', now(), now())"
- end
- end
-
- def down
- # Don't undo, up method only enables CSP if row isn't already there and if instance is new
- end
-
- def row_exists?
- DB.query("SELECT 1 AS one FROM site_settings where name='content_security_policy'").present?
- end
-
- def instance_is_new?
- dates = DB.query_single("SELECT created_at FROM posts ORDER BY created_at ASC LIMIT 1")
- dates.empty? || dates.first > 1.week.ago
- end
-
-end
diff --git a/lib/tasks/qunit.rake b/lib/tasks/qunit.rake
index 195ca2e7a51..f476c774b49 100644
--- a/lib/tasks/qunit.rake
+++ b/lib/tasks/qunit.rake
@@ -7,6 +7,9 @@ task "qunit:test", [:timeout, :qunit_path] => :environment do |_, args|
 require "socket"
 require 'rbconfig'
+ puts "Turning off CSP to allow qunit to run"
+ SiteSetting.content_security_policy = false
+
 if RbConfig::CONFIG['host_os'][/darwin|mac os/]
 google_chrome_cli = "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome"
 else
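Review bot: In config/site_settings.yml, the new `default: true` for `content_security_policy` is not limited to fresh installs; it presumably applies to every site with no stored value for the setting. Judging by the removed migration, that covers any older instance that never set it explicitly. `content_security_policy_report_only` just below still defaults to `false`, so those sites would move straight to enforcement on upgrade, with no observation period for themes or plugins that rely on inline or third-party scripts. I would record this next to the default, e.g. `# enforced by default; enable content_security_policy_report_only first to trial a policy`, and call the change out in the release notes. The `security:` section continues outside the hunk.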
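Review bot: In lib/tasks/qunit.rake, `SiteSetting.content_security_policy = false` at the top of the `qunit:test` task writes to whatever database the task's environment points at, and nothing visible in either hunk of this file restores the previous value. With the default now `true`, running the task against a development database would leave CSP switched off there with only a one-line `puts` as a trace. If the move is meant to make the server started later in the task see the setting, say so in a comment such as `# set before the server is spawned so test pages are served without a CSP header`. Consider also saving the old value and restoring it in an `ensure`. The task body starts and ends outside the hunk, so cleanup may exist that is not shown here.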
@@ -88,8 +91,6 @@ task "qunit:test", [:timeout, :qunit_path] => :environment do |_, args|
 exit 1
 end
 puts "Rails server is warmed up"
- puts "Turning off CSP to allow qunit to run"
- SiteSetting.content_security_policy = false
 sh(cmd)