diff --git a/.env.example b/.env.example
index 2de2526be..1cf90ef9b 100644
--- a/.env.example
+++ b/.env.example
@@ -4,8 +4,7 @@ DATABASE_URL="file:./database/db.sqlite"
 # You can generate a new secret on the command line with:
 # openssl rand -base64 32
 # https://next-auth.js.org/configuration/options#secret
-NEXTAUTH_URL="http://localhost:3000"
-
+AUTH_TRUST_HOST="true"
 NEXTAUTH_SECRET="anything"
 
 # Disable analytics
diff --git a/Dockerfile b/Dockerfile
index f1a674f23..55051f3f1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -52,7 +52,7 @@ EXPOSE $PORT
 ENV PORT=${PORT}
 
 ENV DATABASE_URL "file:/data/db.sqlite"
-ENV NEXTAUTH_URL "http://localhost:7575"
+ENV AUTH_TRUST_HOST="true"
 ENV PORT 7575
 ENV NEXTAUTH_SECRET NOT_IN_USE_BECAUSE_JWTS_ARE_UNUSED
 
diff --git a/package.json b/package.json
index 7eb148800..2e9a308a2 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "homarr",
-  "version": "0.15.4",
+  "version": "0.15.5",
   "description": "Homarr - A homepage for your server.",
   "license": "MIT",
   "repository": {
@@ -11,7 +11,7 @@
     "dev": "next dev",
     "build": "NEXTAUTH_SECRET=WILL_BE_OVERWRITTEN next build",
     "analyze": "ANALYZE=true next build",
-    "turbo": "DATABASE_URL=file:WILL_BE_OVERWRITTEN.sqlite NEXTAUTH_URL=http://WILL_BE_OVERWRITTEN turbo build",
+    "turbo": "DATABASE_URL=file:WILL_BE_OVERWRITTEN.sqlite turbo build",
     "start": "next start",
     "typecheck": "tsc --noEmit",
     "export": "next build && next export",
@@ -244,4 +244,4 @@
       ]
     }
   }
-}
+}
\ No newline at end of file
diff --git a/public/locales/el/modules/health-monitoring.json b/public/locales/el/modules/health-monitoring.json
index eb28b29f8..8d3a2f26e 100644
--- a/public/locales/el/modules/health-monitoring.json
+++ b/public/locales/el/modules/health-monitoring.json
@@ -86,7 +86,7 @@
   },
   "info": {
     "uptime": "Χρόνος Λειτουργίας",
-    "uptimeFormat": "",
+    "uptimeFormat": "{{days}} ημέρες, {{hours}} ώρες, {{minutes}} λεπτά",
     "updates": "Διαθέσιμες ενημερώσεις",
     "reboot": "Επανεκκίνηση"
   },
diff --git a/public/locales/fr/authentication/login.json b/public/locales/fr/authentication/login.json
index 33a136eaa..ebdb08346 100644
--- a/public/locales/fr/authentication/login.json
+++ b/public/locales/fr/authentication/login.json
@@ -16,7 +16,7 @@
     },
     "afterLoginRedirection": "Après la connexion, vous serez redirigé vers {{url}}",
     "providersEmpty": {
-      "title": "Erreur de fournisseur d'authentification",
+      "title": "Erreur du fournisseur d'authentification",
       "message": "Le(s) fournisseur(s) n'est (ne sont) pas défini(s), veuillez vérifier les journaux pour plus d'informations."
     }
   },
diff --git a/public/locales/fr/boards/customize.json b/public/locales/fr/boards/customize.json
index 548ca7342..e75b1b165 100644
--- a/public/locales/fr/boards/customize.json
+++ b/public/locales/fr/boards/customize.json
@@ -4,7 +4,7 @@
     "backToBoard": "Retour au tableau de bord",
     "settings": {
         "appearance": {
-            "primaryColor": "Couleur primaire",
+            "primaryColor": "Couleur principale",
             "secondaryColor": "Couleur secondaire"
         }
     },
diff --git a/src/components/Dashboard/Tiles/Apps/AppPing.tsx b/src/components/Dashboard/Tiles/Apps/AppPing.tsx
index 4b3e4a4b8..7afabf673 100644
--- a/src/components/Dashboard/Tiles/Apps/AppPing.tsx
+++ b/src/components/Dashboard/Tiles/Apps/AppPing.tsx
@@ -108,18 +108,11 @@ const usePing = (app: AppType) => {
       configName: name ?? '',
     },
     {
-      retry: true,
+      retry: false,
       enabled: isActive,
       refetchOnWindowFocus: false,
       refetchInterval: 1000 * 60,
-      retryDelay(failureCount, error) {
-        console.error(`Unable to retry app ping for app '${app.name}' (${app.id})`, error);
-        if (failureCount > 3) {
-          return 60 * 1000;
-        }
-        return 3 * 1000;
-      },
-      cacheTime: 1000 * 60,
+      cacheTime: 1000 * 30,
       retryOnMount: true,
       select: (data) => {
         const isOk = isStatusOk(app, data.status);
diff --git a/src/components/Dashboard/Tiles/Apps/AppTile.tsx b/src/components/Dashboard/Tiles/Apps/AppTile.tsx
index e9fa7dc01..3a04ce85b 100644
--- a/src/components/Dashboard/Tiles/Apps/AppTile.tsx
+++ b/src/components/Dashboard/Tiles/Apps/AppTile.tsx
@@ -89,6 +89,7 @@ export const AppTile = ({ className, app }: AppTileProps) => {
         <UnstyledButton
           style={{ pointerEvents: isEditMode ? 'none' : 'auto' }}
           component="a"
+          rel="noreferrer"
           href={href}
           target={app.behaviour.isOpeningNewTab ? '_blank' : '_self'}
           className={`${classes.button} ${classes.base}`}
diff --git a/src/components/layout/header/Search.tsx b/src/components/layout/header/Search.tsx
index e0de950b2..a49085a6a 100644
--- a/src/components/layout/header/Search.tsx
+++ b/src/components/layout/header/Search.tsx
@@ -13,6 +13,7 @@ import { useTranslation } from 'next-i18next';
 import { useRouter } from 'next/router';
 import { ReactNode, forwardRef, useMemo, useRef, useState } from 'react';
 import { useConfigContext } from '~/config/provider';
+import { useGetExternalUrl } from '~/hooks/useExternalUrl';
 import { api } from '~/utils/api';
 
 import { MovieModal } from './Search/MovieModal';
@@ -141,6 +142,7 @@ const getItemComponent = (icon: SearchAutoCompleteItem['icon']) => {
 
 const useConfigApps = (search: string) => {
   const { config } = useConfigContext();
+  const getHref = useGetExternalUrl();
   return useMemo(() => {
     if (search.trim().length === 0) return [];
     const apps = config?.apps.filter((app) =>
@@ -153,7 +155,7 @@ const useConfigApps = (search: string) => {
         value: app.name,
         sort: 'app',
         metaData: {
-          url: app.behaviour.externalUrl,
+          url: getHref(app),
         },
       })) ?? []
     );
diff --git a/src/env.js b/src/env.js
index 858595821..662856e5d 100644
--- a/src/env.js
+++ b/src/env.js
@@ -37,13 +37,6 @@ const env = createEnv({
     DATABASE_URL: z.string().url().default('file:../database/db.sqlite'),
     NEXTAUTH_SECRET:
       process.env.NODE_ENV === 'production' ? z.string().min(1) : z.string().min(1).optional(),
-    NEXTAUTH_URL: z.preprocess(
-      // This makes Vercel deployments not fail if you don't set NEXTAUTH_URL
-      // Since NextAuth.js automatically uses the VERCEL_URL if present.
-      (str) => process.env.VERCEL_URL ?? str,
-      // VERCEL_URL doesn't include `https` so it cant be validated as a URL
-      process.env.VERCEL ? z.string().min(1) : z.string().url()
-    ),
     DOCKER_HOST: z.string().optional(),
     DOCKER_PORT: portSchema,
     DEMO_MODE: z.string().optional(),
@@ -136,7 +129,6 @@ const env = createEnv({
   runtimeEnv: {
     DATABASE_URL: process.env.DATABASE_URL,
     NEXTAUTH_SECRET: process.env.NEXTAUTH_SECRET,
-    NEXTAUTH_URL: process.env.NEXTAUTH_URL,
     NEXT_PUBLIC_DISABLE_ANALYTICS: process.env.DISABLE_ANALYTICS,
     DOCKER_HOST: process.env.DOCKER_HOST,
     DOCKER_PORT: process.env.DOCKER_PORT,
diff --git a/src/hooks/useExternalUrl.ts b/src/hooks/useExternalUrl.ts
index bbd774220..c992a11f2 100644
--- a/src/hooks/useExternalUrl.ts
+++ b/src/hooks/useExternalUrl.ts
@@ -3,6 +3,10 @@ import * as tldts from 'tldts';
 import { AppType } from '~/types/app';
 
 export const useGetExternalUrl = () => {
+  if (typeof window === 'undefined') {
+    return (appType: AppType) => appType.behaviour.externalUrl || appType.url;
+  }
+
   const parsedUrl = useMemo(() => {
     try {
       return tldts.parse(window.location.toString());
diff --git a/src/server/auth.ts b/src/server/auth.ts
index 5f56c5c66..9b7e19a93 100644
--- a/src/server/auth.ts
+++ b/src/server/auth.ts
@@ -106,6 +106,17 @@ export const constructAuthOptions = async (
   },
   adapter: adapter as Adapter,
   providers: [...(await getProviders(req.headers)), EmptyNextAuthProvider()],
+  cookies: {
+    sessionToken: {
+      name: 'next-auth.session-token',
+      options: {
+        httpOnly: true,
+        sameSite: 'lax',
+        path: '/',
+        secure: true,
+      },
+    },
+  },
   jwt: {
     async encode(params) {
       if (!isCredentialsRequest(req)) {
diff --git a/src/widgets/dnshole/DnsHoleControls.tsx b/src/widgets/dnshole/DnsHoleControls.tsx
index 8a543e610..236fa129c 100644
--- a/src/widgets/dnshole/DnsHoleControls.tsx
+++ b/src/widgets/dnshole/DnsHoleControls.tsx
@@ -279,18 +279,20 @@ function DnsHoleControlsWidgetTile({ widget }: DnsHoleControlsWidgetProps) {
                         {t(dnsHole.status)}
                       </Badge>
                     </UnstyledButton>
-                    <ActionIcon
-                      size={20}
-                      radius="xl"
-                      top="2.67px"
-                      variant="default"
-                      onClick={() => {
-                        setAppId(app.id);
-                        open();
-                      }}
-                    >
-                      <IconClockPause size={20} color="red" />
-                    </ActionIcon>
+                    {enableControls && (
+                      <ActionIcon
+                        size={20}
+                        radius="xl"
+                        top="2.67px"
+                        variant="default"
+                        onClick={() => {
+                          setAppId(app.id);
+                          open();
+                        }}
+                      >
+                        <IconClockPause size={20} color="red" />
+                      </ActionIcon>
+                    )}
                   </Flex>
                 </Stack>
               </Group>