diff --git a/src/Http/Middleware/PreventRegularBrowserAccess.php b/src/Http/Middleware/PreventRegularBrowserAccess.php
index de1c72bf..6722a3da 100644
--- a/src/Http/Middleware/PreventRegularBrowserAccess.php
+++ b/src/Http/Middleware/PreventRegularBrowserAccess.php
@@ -9,6 +9,10 @@ class PreventRegularBrowserAccess
 {
     public function handle(Request $request, Closure $next)
     {
+        if (! config('nativephp-internal.running')) {
+            return $next($request);
+        }
+
         // Explicitly skip for the cookie-setting route
         if ($request->path() === '_native/api/cookie') {
             return $next($request);
diff --git a/src/NativeServiceProvider.php b/src/NativeServiceProvider.php
index ad222f9b..74dfba3c 100644
--- a/src/NativeServiceProvider.php
+++ b/src/NativeServiceProvider.php
@@ -4,6 +4,7 @@
 
 use Illuminate\Console\Application;
 use Illuminate\Foundation\Application as Foundation;
+use Illuminate\Foundation\Http\Kernel;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\DB;
@@ -23,6 +24,7 @@
 use Native\Laravel\Events\EventWatcher;
 use Native\Laravel\Exceptions\Handler;
 use Native\Laravel\GlobalShortcut as GlobalShortcutImplementation;
+use Native\Laravel\Http\Middleware\PreventRegularBrowserAccess;
 use Native\Laravel\Logging\LogWatcher;
 use Native\Laravel\PowerMonitor as PowerMonitorImplementation;
 use Native\Laravel\Windows\WindowManager as WindowManagerImplementation;
@@ -84,6 +86,11 @@ public function packageRegistered()
                 Handler::class
             );
 
+            // Automatically prevent browser access
+            $this->app->make(Kernel::class)->pushMiddleware(
+                PreventRegularBrowserAccess::class,
+            );
+
             Application::starting(function ($app) {
                 $app->resolveCommands([
                     LoadStartupConfigurationCommand::class,