diff --git a/internal/http/middleware/must_login.go b/internal/http/middleware/must_login.go
index 3b4b75d9..d7195f7e 100644
--- a/internal/http/middleware/must_login.go
+++ b/internal/http/middleware/must_login.go
@@ -94,6 +94,7 @@ func MustLogin(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager, u
 						Expires:  time.Now().Add(time.Duration(session.Lifetime) * time.Minute),
 						Path:     "/",
 						HttpOnly: true,
+						Secure:   conf.Bool("http.tls"),
 						SameSite: http.SameSiteLaxMode,
 					})
 				}