diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 32c5f68..ec703f7 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -43,7 +43,7 @@ jobs:
       - name: Connect via SSH and deploy
         uses: appleboy/ssh-action@v1.0.3
         env:
-          ENV_PATH: /home/ubuntu/omgg-backend/.env.prod
+          ENV_PATH: .env.prod
         with:
           host: ${{ secrets.SSH_HOST }}
           username: ${{ secrets.SSH_USER }}
diff --git a/config/middlewares.ts b/config/middlewares.ts
index 829f5c0..666f84b 100644
--- a/config/middlewares.ts
+++ b/config/middlewares.ts
@@ -1,12 +1,27 @@
 export default [
   'strapi::logger',
   'strapi::errors',
-  'strapi::security',
-  'strapi::cors',
+  {
+    name: 'strapi::security',
+    config: {
+      contentSecurityPolicy: {
+        useDefaults: true,
+        directives: {
+          'connect-src': ["'self'", 'https:'],
+        },
+      },
+    },
+  },
+  {
+    name: 'strapi::cors',
+    config: {
+      origin: ['https://omgg.fr', 'https://www.omgg.fr'], // ton front et admin
+    },
+  },
   'strapi::poweredBy',
   'strapi::query',
   'strapi::body',
   'strapi::session',
   'strapi::favicon',
   'strapi::public',
-];
+];
\ No newline at end of file
diff --git a/config/server.ts b/config/server.ts
index ae6e02f..413122f 100644
--- a/config/server.ts
+++ b/config/server.ts
@@ -1,12 +1,17 @@
 export default ({ env }) => ({
   host: env('HOST', '0.0.0.0'),
   port: env.int('PORT', 1337),
-  proxy: true,
+  url: env("PUBLIC_URL"),
   webhooks: {
     populateRelations: env.bool("WEBHOOKS_POPULATE_RELATIONS", false)
   },
   app: {
     keys: env.array('APP_KEYS'),
   },
-  url: env("PUBLIC_URL")
+  admin: {
+    auth: {
+      secret: env('ADMIN_JWT_SECRET'),
+    },
+  },
+  proxy: true,
 });