diff --git a/app/utils/sessions.ts b/app/utils/sessions.ts
index 39d93c3..98a7bcf 100644
--- a/app/utils/sessions.ts
+++ b/app/utils/sessions.ts
@@ -27,9 +27,8 @@ export const {
 maxAge: 60 * 60 * 24, // 24 hours
 path: '/',
 sameSite: 'lax',
- // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
 secrets: [process.env.COOKIE_SECRET!],
- secure: true
+ secure: process.env.COOKIE_SECURE !== 'false',
 }
 }
 )
diff --git a/docs/Basic-Integration.md b/docs/Basic-Integration.md
index 189fe43..d28a043 100644
--- a/docs/Basic-Integration.md
+++ b/docs/Basic-Integration.md
@@ -43,6 +43,7 @@ services:
 OIDC_ISSUER: 'https://sso.example.com'
 OIDC_CLIENT_SECRET: 'super_secret_client_secret'
 DISABLE_API_KEY_LOGIN: 'true'
+ COOKIE_SECURE: 'false'
 
 # These are the default values
 HOST: '0.0.0.0'
diff --git a/docs/Configuration.md b/docs/Configuration.md
index d6a6df4..a700aea 100644
--- a/docs/Configuration.md
+++ b/docs/Configuration.md
@@ -14,6 +14,7 @@ You can configure Headplane using environment variables.
 - **`CONFIG_FILE`**: The path to the Headscale `config.yaml` (default: `/etc/headscale/config.yaml`).
 - **`ACL_FILE`**: The path to the ACL file (default: `/etc/headscale/acl_policy.json`, not needed if you have `acl_policy_path` in your config).
 - **`HEADSCALE_CONFIG_UNSTRICT`**: This will disable the strict configuration loader (default: `false`).
+- **`COOKIE_SECURE`**: This option enables the `Secure` flag for cookies, ensuring they are sent only over HTTPS, which helps prevent interception and enhances data security. It should be disabled when using HTTP instead of HTTPS (default: `true`).
 
 #### Docker Integration
 The Docker integration allows Headplane to manage the Headscale docker container.
diff --git a/docs/integration/Docker.md b/docs/integration/Docker.md
index 4c85b25..c2e1721 100644
--- a/docs/integration/Docker.md
+++ b/docs/integration/Docker.md
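Review bot: Dropping the `// eslint-disable-next-line @typescript-eslint/no-non-null-assertion` comment leaves the `!` on `secrets: [process.env.COOKIE_SECRET!]` in place, so that line now trips the rule unless it was disabled elsewhere in this commit. Rather than restoring the suppression, the assertion can go: `const cookieSecret = process.env.COOKIE_SECRET; if (!cookieSecret) throw new Error('COOKIE_SECRET must be set');` followed by `secrets: [cookieSecret],`, which also fails fast at startup instead of handing the session store a `[undefined]` secrets list. The new `secure: process.env.COOKIE_SECURE !== 'false'` is correctly fail-safe (only the exact string `'false'` downgrades it, so `FALSE`, `0` or a typo keep the cookie HTTPS-only), but that is easy to misread, and a comment such as `// Secure by default; only the literal 'false' opts out (plain-HTTP deployments)` would help. Since opting out sends the session cookie in cleartext, logging a warning at startup when the flag resolves to false would make a forgotten override visible. The enclosing `export const {` initializer starts before the hunk.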
@@ -68,6 +68,9 @@ services:
 HOST: '0.0.0.0'
 PORT: '3000'
 
+ # Only set this to false if you aren't behind a reverse proxy
+ COOKIE_SECURE: 'false'
+
 # Overrides the configuration file values if they are set in config.yaml
 # If you want to share the same OIDC configuration you do not need this
 OIDC_CLIENT_ID: 'headscale'
diff --git a/docs/integration/Kubernetes.md b/docs/integration/Kubernetes.md
index 10c1754..6cea662 100644
--- a/docs/integration/Kubernetes.md
+++ b/docs/integration/Kubernetes.md
@@ -98,6 +98,10 @@ spec:
 valueFrom:
 fieldRef:
 fieldPath: metadata.name
+
+ # Only set this to false if you aren't behind a reverse proxy
+ - name: COOKIE_SECURE
+ value: 'false'
 volumeMounts:
 - name: headscale-config
 mountPath: /etc/headscale