I would suggest you to be very careful with the setting 'security/urlaccessmode' there was a side effect of this setting that I faced in 7.1.7 as below. you will get an error on browser saying No enum constant com.pega.pegarules.session.internal.mgmt.util.URLAccessUtil.ModeSetting."ALLOW"
Not sure about 7.1.8, however I would still suggest you not to configure above setting in DSS, try to use prconfig. In case if you have applied this setting in DSS and faced the same issue then configure the same setting in prconfig.xml file as <env name="security/urlaccessmode" value="warn" /> which will allow you access designer studio and you can change the DSS setting value to Warn.
If you are concerned about CSRF vulnerability, you can use below DSS to prevent the attacks.