diff --git a/solr.bat b/solr.bat
index e4a16c9174909f93fce0b051bcae6e5f0fc121a9..eb6c9b4a403f6469d74f70c06005a7a23f5aa06b 100644
--- a/solr.bat
+++ b/solr.bat
@@ -80,7 +80,7 @@ if not "!%SOLR_PORT%!"=="!!" goto solrportset
 set SOLR_PORT=8080
 :solrportset
 
-call %SOLR_BIN%\solr.cmd %1 %SOLR_ADDITIONAL_START_OPTIONS% -p %SOLR_PORT% -s %SOLR_HOME% -m %SOLR_HEAP% -a "-Dsolr.log=%SOLR_LOGS_DIR% %SOLR_ADDITIONAL_JVM_OPTIONS%"
+call %SOLR_BIN%\solr.cmd %1 %SOLR_ADDITIONAL_START_OPTIONS% -p %SOLR_PORT% -s %SOLR_HOME% -m %SOLR_HEAP% -a "-Ddisable.configEdit=true -Dsolr.log=%SOLR_LOGS_DIR% %SOLR_ADDITIONAL_JVM_OPTIONS%"
 goto end
 
 :usage
diff --git a/solr.sh b/solr.sh
index 49fe26e9a28b8f30ba3be88c4edc6b8d41913efb..c26ca45dd86386c422270867366e8ca81feab7cb 100755
--- a/solr.sh
+++ b/solr.sh
@@ -81,4 +81,4 @@ then
 fi
 
 export SOLR_LOGS_DIR=$SOLR_LOGS_DIR
-"$SOLR_BIN/solr" "$1" ${SOLR_ADDITIONAL_START_OPTIONS} -p "$SOLR_PORT" -s "$SOLR_HOME" -m "$SOLR_HEAP" -a "-Dsolr.log=$SOLR_LOGS_DIR $SOLR_ADDITIONAL_JVM_OPTIONS"
+"$SOLR_BIN/solr" "$1" ${SOLR_ADDITIONAL_START_OPTIONS} -p "$SOLR_PORT" -s "$SOLR_HOME" -m "$SOLR_HEAP" -a "-Ddisable.configEdit=true -Dsolr.log=$SOLR_LOGS_DIR $SOLR_ADDITIONAL_JVM_OPTIONS"
diff --git a/solr/vufind/authority/conf/solrconfig.xml b/solr/vufind/authority/conf/solrconfig.xml
index 30cbc48edb91a49dee06f379138b8242eff82e32..7adca00eec4f2da55e7b6853f727abc3dff7e995 100644
--- a/solr/vufind/authority/conf/solrconfig.xml
+++ b/solr/vufind/authority/conf/solrconfig.xml
@@ -550,7 +550,10 @@
   <queryResponseWriter name="xslt" class="org.apache.solr.response.XSLTResponseWriter">
     <int name="xsltCacheLifetimeSeconds">5</int>
   </queryResponseWriter> 
-    
+
+  <!-- Mitigate CVE-2017-12629 -->
+  <queryParser name="xmlparser" class="solr.ExtendedDismaxQParserPlugin"/>
+
   <!-- config for the admin interface --> 
   <admin>
     <defaultQuery>shakespeare</defaultQuery>
diff --git a/solr/vufind/biblio/conf/solrconfig.xml b/solr/vufind/biblio/conf/solrconfig.xml
index c02fc03eec30161527baf029691f5f266c255b91..4bfbd631875c5774677bcb81b604213c1776f261 100644
--- a/solr/vufind/biblio/conf/solrconfig.xml
+++ b/solr/vufind/biblio/conf/solrconfig.xml
@@ -707,6 +707,9 @@
     <int name="xsltCacheLifetimeSeconds">5</int>
   </queryResponseWriter>
 
+  <!-- Mitigate CVE-2017-12629 -->
+  <queryParser name="xmlparser" class="solr.ExtendedDismaxQParserPlugin"/>
+
   <!-- config for the admin interface -->
   <admin>
     <defaultQuery>shakespeare</defaultQuery>
diff --git a/solr/vufind/reserves/conf/solrconfig.xml b/solr/vufind/reserves/conf/solrconfig.xml
index 0522458b0fde20e79cfc5abaa52b3ce05098dddc..a6f1642d8e7386d55e4722914f19291639c8afe3 100644
--- a/solr/vufind/reserves/conf/solrconfig.xml
+++ b/solr/vufind/reserves/conf/solrconfig.xml
@@ -555,6 +555,9 @@
     <int name="xsltCacheLifetimeSeconds">5</int>
   </queryResponseWriter> 
     
+  <!-- Mitigate CVE-2017-12629 -->
+  <queryParser name="xmlparser" class="solr.ExtendedDismaxQParserPlugin"/>
+
   <!-- config for the admin interface --> 
   <admin>
     <defaultQuery>shakespeare</defaultQuery>
diff --git a/solr/vufind/website/conf/solrconfig.xml b/solr/vufind/website/conf/solrconfig.xml
index 57c5bbe09e8cd5652d8b7e55bfeb259f0f556564..e8d5bf9efa9ba9e72c8615105280d7f32596edf7 100644
--- a/solr/vufind/website/conf/solrconfig.xml
+++ b/solr/vufind/website/conf/solrconfig.xml
@@ -644,6 +644,9 @@
     <int name="xsltCacheLifetimeSeconds">5</int>
   </queryResponseWriter>
 
+  <!-- Mitigate CVE-2017-12629 -->
+  <queryParser name="xmlparser" class="solr.ExtendedDismaxQParserPlugin"/>
+
   <!-- config for the admin interface -->
   <admin>
     <defaultQuery>shakespeare</defaultQuery>