diff --git a/config/settings.py b/config/settings.py
index 0f93c69..408e0e6 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -15,7 +15,7 @@ ALLOWED_HOSTS = []
 INTERNAL_IPS = ['localhost', '127.0.0.1',]
-#
+# Localization
 LANGUAGES = [
 ('en', _('English')),
@@ -56,6 +56,7 @@ MIDDLEWARE = [
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+ 'django.middleware.security.SecurityMiddleware',
 ]
 ROOT_URLCONF = 'config.urls'
@@ -155,10 +156,14 @@ SESSION_COOKIE_AGE = 60 * 60 * 24 * 365 * 5 # 5 vuotta
 SESSION_EXPIRE_AT_BROWSER_CLOSE = False
 SESSION_COOKIE_SAMESITE = 'Lax'
 SESSION_CACHE_ALIAS = "default"
+SESSION_COOKIE_SECURE = True
 # Sessio backend: cache + fallback tietokantaan
 SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db'
+CSRF_COOKIE_SECURE = True
+SECURE_SSL_REDIRECT = True
+
 # Redis cache
 CACHES = {
 "default": {
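Review bot: In the `MIDDLEWARE` hunk, `SecurityMiddleware` is appended as the last entry, after `XFrameOptionsMiddleware`, whereas Django's ordering guidance places it at or near the top of the list. With `SECURE_SSL_REDIRECT = True` set in the last hunk of this commit, a plain-HTTP request passes through every earlier middleware before it is redirected, and a response returned early by one of those middleware never reaches `SecurityMiddleware`, so it would go out without its headers. I would move `'django.middleware.security.SecurityMiddleware',` to the first position. The head of the list is outside this hunk, so check it is not already listed there.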
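Review bot: In the session-settings hunk, `SECURE_SSL_REDIRECT = True` is added with no HSTS setting beside it, so a browser's first plain-HTTP request is still exposed to interception before the redirect happens; once HTTPS is confirmed working, add `SECURE_HSTS_SECONDS = 3600` (a constructed starting value, to be raised later). If TLS terminates at a proxy, the redirect also needs `SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')`, and only when the proxy itself always sets or strips that header; without it every request looks insecure and the redirect loops. Neither setting is visible in this diff; they may exist elsewhere in the file. The three flags are also hard-coded, which forces HTTPS on local runs too (`INTERNAL_IPS` lists localhost), so deriving them from the environment or `DEBUG` would be worth considering.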