diff --git a/Gemfile b/Gemfile
index 88d232271950..3f05359394f2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -123,7 +123,7 @@ gem 'daemons'
 gem 'delayed_cron_job', '~> 0.9.0'
 gem 'delayed_job_active_record', '~> 4.1.5'
 
-gem 'rack-protection', '~> 3.0.0'
+gem 'rack-protection', '~> 3.1.0'
 
 # Rack::Attack is a rack middleware to protect your web app from bad clients.
 # It allows whitelisting, blacklisting, throttling, and tracking based
diff --git a/Gemfile.lock b/Gemfile.lock
index 1390a95d2f15..2d8468fd47e5 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -744,8 +744,8 @@ GEM
       faraday-follow_redirects
       json-jwt (>= 1.11.0)
       rack (>= 2.1.0)
-    rack-protection (3.0.6)
-      rack
+    rack-protection (3.1.0)
+      rack (~> 2.2, >= 2.2.4)
     rack-test (2.1.0)
       rack (>= 1.3)
     rack-timeout (0.6.3)
@@ -1116,7 +1116,7 @@ DEPENDENCIES
   rack-attack (~> 6.7.0)
   rack-cors (~> 2.0.0)
   rack-mini-profiler
-  rack-protection (~> 3.0.0)
+  rack-protection (~> 3.1.0)
   rack-test (~> 2.1.0)
   rack-timeout (~> 0.6.3)
   rack_session_access