diff --git a/cmd/server/container.go b/cmd/server/container.go
index 925aa19..8694e24 100644
--- a/cmd/server/container.go
+++ b/cmd/server/container.go
@@ -79,8 +79,9 @@ func getServiceContainer(ctx context.Context, conf *config.Config) (*service.Con
 // Define default cookie options
 sessionStore.SessionOpts.Path = "/"
 sessionStore.SessionOpts.HttpOnly = true
+ sessionStore.SessionOpts.Secure = conf.HTTP.CookieSecure
 sessionStore.SessionOpts.MaxAge = conf.HTTP.CookieMaxAge
- sessionStore.SessionOpts.SameSite = http.SameSiteStrictMode
+ sessionStore.SessionOpts.SameSite = http.SameSiteLaxMode
 
 ctn.Provide(
 session.ServiceName,
diff --git a/internal/config/config.go b/internal/config/config.go
index 9f37b55..2036d28 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -47,6 +47,7 @@ type HTTPConfig struct {
 CookieAuthenticationKey string `yaml:"cookieAuthenticationKey" env:"HTTP_COOKIE_AUTHENTICATION_KEY"`
 CookieEncryptionKey string `yaml:"cookieEncryptionKey" env:"HTTP_COOKIE_ENCRYPTION_KEY"`
 CookieMaxAge int `yaml:"cookieMaxAge" env:"HTTP_COOKIE_MAX_AGE"`
+ CookieSecure bool `yaml:"cookieSecure" env:"HTTP_COOKIE_SECURE"`
 TemplateDir string `yaml:"templateDir" env:"HTTP_TEMPLATE_DIR"`
 PublicDir string `yaml:"publicDir" env:"HTTP_PUBLIC_DIR"`
 FrontendURL string `yaml:"frontendURL" env:"HTTP_FRONTEND_URL"`
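Review bot: Relaxing `SameSite` from Strict to Lax on `sessionStore.SessionOpts.SameSite = http.SameSiteLaxMode` means the session cookie is now attached to cross-site top-level GET navigations, so the cookie attribute alone no longer protects any GET route that changes state. Nothing in this hunk shows a CSRF token check or records why Strict was dropped. I would add a comment above the line, e.g. `// Lax instead of Strict: <reason for the relaxation>; state-changing routes must be non-GET and CSRF-protected.`, and confirm that this holds for the registered routes. The body of getServiceContainer starts before and continues after the hunk, so such a check may exist out of view.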
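Review bot: `CookieSecure` is a plain `bool`, so when neither `cookieSecure` nor `HTTP_COOKIE_SECURE` is set it is false and the session cookie is issued without the Secure attribute, which is an insecure default unless one is applied elsewhere (not visible in this hunk). Consider defaulting it to true where the config defaults are built, or logging a startup warning when it is false while `FrontendURL` uses `https://`. At minimum, document the field: `// CookieSecure sets the Secure attribute on the session cookie; it must be true for any deployment served over HTTPS.` The HTTPConfig struct begins and ends outside the hunk.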