diff --git a/settings.py b/settings.py
index b3b6c5d3..d3ae2f9e 100644
--- a/settings.py
+++ b/settings.py
@@ -45,9 +45,6 @@
 LOGIN_URL = '/login/'
 LOGIN_REDIRECT_URL = '/'
 
-# Set django's User stuff to use our profile model
-AUTH_PROFILE_MODULE = 'devel.UserProfile'
-
 MIDDLEWARE = (
     'django.middleware.common.CommonMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
@@ -97,9 +94,6 @@
 # X-Content-Type-Options, stops browsers from trying to MIME-sniff the content type
 SECURE_CONTENT_TYPE_NOSNIFF = True
 
-# X-XSS-Protection, enables cross-site scripting filter in most browsers
-SECURE_BROWSER_XSS_FILTER = True
-
 # CSP Settings
 CSP_DEFAULT_SRC = ("'self'",)
 CSP_SCRIPT_SRC = ("'self'",)