diff --git a/config/conf/corsheaders.py b/config/conf/corsheaders.py
index 433a257..bf86889 100644
--- a/config/conf/corsheaders.py
+++ b/config/conf/corsheaders.py
@@ -8,5 +8,7 @@ CORS_ALLOW_ALL_ORIGINS = True
 CORS_ALLOW_CREDENTIALS = True
 
 CSRF_TRUSTED_ORIGINS = [
+    'https://api.meridynpharma.com/',
+    'http://api.meridynpharma.com/'
     'https://api.meridynpharma.com'
 ]
\ No newline at end of file
diff --git a/config/settings/base.py b/config/settings/base.py
index 548b334..b0a6ee0 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -109,4 +109,9 @@ DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
 
 AUTH_USER_MODEL = 'accounts.User'
 
+SECURE_PROXY_SSL_HEADER = (
+    "HTTP_X_FORWARDED_PROTO",
+    env.str("SWAGGER_PROTOCOL", "https"),
+)
+
 import config.conf
\ No newline at end of file