diff --git a/src/main/groovy/io/xh/hoist/HoistCoreGrailsPlugin.groovy b/src/main/groovy/io/xh/hoist/HoistCoreGrailsPlugin.groovy
index e46d55ec..64794ea5 100644
--- a/src/main/groovy/io/xh/hoist/HoistCoreGrailsPlugin.groovy
+++ b/src/main/groovy/io/xh/hoist/HoistCoreGrailsPlugin.groovy
@@ -10,7 +10,6 @@ package io.xh.hoist
 import grails.plugins.Plugin
 import io.xh.hoist.cluster.ClusterService
 import io.xh.hoist.exception.ExceptionHandler
-import io.xh.hoist.security.HoistSecurityFilter
 import io.xh.hoist.websocket.HoistWebSocketConfigurer
 import org.springframework.boot.web.servlet.FilterRegistrationBean
 import org.springframework.core.Ordered
@@ -37,8 +36,8 @@ class HoistCoreGrailsPlugin extends Plugin {
         {->
             ClusterService.initializeInstance()
 
-            hoistIdentityFilter(FilterRegistrationBean) {
-                filter = bean(HoistSecurityFilter)
+            hoistFilter(FilterRegistrationBean) {
+                filter = bean(HoistFilter)
                 order = Ordered.HIGHEST_PRECEDENCE + 40
             }
 
diff --git a/src/main/groovy/io/xh/hoist/security/HoistSecurityFilter.groovy b/src/main/groovy/io/xh/hoist/HoistFilter.groovy
similarity index 56%
rename from src/main/groovy/io/xh/hoist/security/HoistSecurityFilter.groovy
rename to src/main/groovy/io/xh/hoist/HoistFilter.groovy
index 7fce59ef..07258997 100644
--- a/src/main/groovy/io/xh/hoist/security/HoistSecurityFilter.groovy
+++ b/src/main/groovy/io/xh/hoist/HoistFilter.groovy
@@ -5,20 +5,28 @@
  * Copyright © 2023 Extremely Heavy Industries Inc.
  */
 
-package io.xh.hoist.security
+package io.xh.hoist
 
 import groovy.transform.CompileStatic
-import io.xh.hoist.exception.ExceptionHandler
 import io.xh.hoist.exception.InstanceNotAvailableException
 import io.xh.hoist.log.LogSupport
+import io.xh.hoist.security.BaseAuthenticationService
 import io.xh.hoist.util.Utils
 
 import javax.servlet.*
 import javax.servlet.http.HttpServletRequest
 import javax.servlet.http.HttpServletResponse
 
+/**
+ * Main Filter for all requests in Hoist.
+ *
+ * This filter is installed by Hoist Core with very high preference and is designed to
+ * precede/wrap the built-in grails filters.
+ *
+ * Implements security, app ready checking, and catches uncaught exceptions.
+ */
 @CompileStatic
-class HoistSecurityFilter implements Filter, LogSupport {
+class HoistFilter implements Filter, LogSupport {
     void init(FilterConfig filterConfig) {}
     void destroy() {}
 
@@ -28,8 +36,7 @@ class HoistSecurityFilter implements Filter, LogSupport {
 
         // Need to be *ready* before even attempting auth.
         if (!Utils.instanceReady) {
-            ExceptionHandler exceptionHandler = Utils.exceptionHandler
-            exceptionHandler.handleException(
+            Utils.exceptionHandler.handleException(
                 exception: new InstanceNotAvailableException('Application may be initializing. Please try again shortly.'),
                 renderTo: httpResponse,
                 logTo: this
@@ -37,9 +44,17 @@ class HoistSecurityFilter implements Filter, LogSupport {
             return
         }
 
-        BaseAuthenticationService svc = Utils.authenticationService
-        if (svc.allowRequest(httpRequest, httpResponse)) {
-            chain.doFilter(request, response)
+        BaseAuthenticationService authSvc = Utils.authenticationService
+        if (authSvc.allowRequest(httpRequest, httpResponse)) {
+            try {
+                chain.doFilter(request, response)
+            } catch (Throwable t) {
+                Utils.exceptionHandler.handleException(
+                    exception: t,
+                    renderTo: httpResponse,
+                    logTo: this
+                )
+            }
         }
     }
 }