diff --git a/config/cms.php b/config/cms.php index 953b8b222..4ef0703c1 100644 --- a/config/cms.php +++ b/config/cms.php @@ -251,6 +251,19 @@ return [ 'defaultMask' => ['file' => null, 'folder' => null], + /* + |-------------------------------------------------------------------------- + | Safe Mode + |-------------------------------------------------------------------------- + | + | If safe mode is enabled, the PHP code section is disabled in the CMS + | for security reasons. If set to null, safe mode is on when debug mode + | (app.debug) is disabled. + | + */ + + 'enableSafeMode' => null, + /* |-------------------------------------------------------------------------- | Cross Site Request Forgery (CSRF) Protection diff --git a/modules/cms/classes/CmsCompoundObject.php b/modules/cms/classes/CmsCompoundObject.php index defa0c032..9221c3396 100644 --- a/modules/cms/classes/CmsCompoundObject.php +++ b/modules/cms/classes/CmsCompoundObject.php @@ -1,6 +1,7 @@ parseSettings(); } + /** + * Triggered when the model is saved. + * @return void + */ + public function beforeSave() + { + $this->checkSafeMode(); + } + /** * Create a new Collection instance. * @@ -123,6 +134,23 @@ class CmsCompoundObject extends CmsObject $this->fillViewBagArray(); } + /** + * This method checks if safe mode is enabled by config, and the code + * attribute is modified and populated. If so an exception is thrown. + * @return void + */ + protected function checkSafeMode() + { + $safeMode = Config::get('cms.enableSafeMode', false); + if ($safeMode === null) { + $safeMode = !Config::get('app.debug', false); + } + + if ($safeMode && $this->isDirty('code') && strlen(trim($this->code))) { + throw new ApplicationException(Lang::get('cms::lang.cms_object.safe_mode_enabled')); + } + } + // // Components // diff --git a/modules/cms/lang/en/lang.php b/modules/cms/lang/en/lang.php index 9a1baf569..7caa27274 100644 --- a/modules/cms/lang/en/lang.php +++ b/modules/cms/lang/en/lang.php 
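Review bot: The fallback in `Config::get('cms.enableSafeMode', false)` inside checkSafeMode disagrees with the default the config/cms.php hunk ships (`null`, meaning safe mode follows app.debug): an installation whose config/cms.php predates this change and lacks the key would get `false` and have safe mode off even with debug disabled, assuming Config::get returns its second argument only when the key is absent. Reading it as `$safeMode = Config::get('cms.enableSafeMode');` (an explicit `null` default) makes the missing-key case behave like the documented default. The `strlen(trim($this->code))` test would also be clearer as `trim((string) $this->code) !== ''`, which does not depend on trim() accepting a null code attribute. The CmsCompoundObject class continues outside the hunk.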
@@ -10,7 +10,8 @@ return [ 'invalid_file_extension'=>'Invalid file extension: :invalid. Allowed extensions are: :allowed.', 'error_deleting' => "Error deleting the template file ':name'. Please check write permissions.", 'delete_success' => 'Templates were successfully deleted: :count.', - 'file_name_required' => 'The File Name field is required.' + 'file_name_required' => 'The File Name field is required.', + 'safe_mode_enabled' => 'Safe mode is currently enabled.', ], 'theme' => [ 'not_found_name' => "The theme ':name' is not found.",