diff --git a/lib/auth.ts b/lib/auth.ts
index 54f2081..e9b72b2 100644
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -50,6 +50,13 @@ async function verifyAuthJwt(key: CryptoKey, jwt: string) {
 throw new Error('Invalid JWT');
 }
+function resolveCookieDomain(request: Request) {
+ if (!isBaseUrlAnIp() || isRunningLocally(request)) {
+ return baseUrl.replace('https://', '').replace('http://', '').split(':')[0];
+ }
+ return '';
+}
+
 export async function getDataFromRequest(request: Request) {
 const cookies = getCookies(request.headers);
 const authorizationHeader = request.headers.get('authorization');
@@ -158,14 +165,9 @@ export async function logoutUser(request: Request) {
 secure: isRunningLocally(request) ? false : true,
 httpOnly: true,
 sameSite: 'Lax',
+ domain: resolveCookieDomain(request),
 };
- if (!isBaseUrlAnIp()) {
- cookie.domain = isRunningLocally(request)
- ? 'localhost'
- : baseUrl.replace('https://', '').replace('http://', '').split(':')[0];
- }
-
 const response = new Response('Logged Out', {
 status: 303,
 headers: { 'Location': '/', 'Content-Type': 'text/html; charset=utf-8' },
@@ -212,14 +214,9 @@ export async function createSessionCookie(
 secure: isRunningLocally(request) ? false : true,
 httpOnly: true,
 sameSite: 'Lax',
+ domain: resolveCookieDomain(request),
 };
- if (!isBaseUrlAnIp()) {
- cookie.domain = isRunningLocally(request)
- ? 'localhost'
- : baseUrl.replace('https://', '').replace('http://', '').split(':')[0];
- }
-
 setCookie(response.headers, cookie);
 return response;
@@ -241,14 +238,9 @@ export async function updateSessionCookie(
 secure: isRunningLocally(request) ? false : true,
 httpOnly: true,
 sameSite: 'Lax',
+ domain: resolveCookieDomain(request),
 };
- if (!isBaseUrlAnIp()) {
- cookie.domain = isRunningLocally(request)
- ? 'localhost'
- : baseUrl.replace('https://', '').replace('http://', '').split(':')[0];
- }
-
 setCookie(response.headers, cookie);
 return response;
diff --git a/lib/utils/misc.ts b/lib/utils/misc.ts
index 51b47c0..955f87e 100644
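Review bot: `resolveCookieDomain` builds the Domain attribute with `baseUrl.replace(...).split(':')[0]`, which keeps any path component (a `https://host/cloud` base URL yields `host/cloud`, a value that cannot domain-match the request host, so the browser ignores the cookie); now that this expression is centralized, `return new URL(baseUrl).hostname;` is the robust form, assuming `baseUrl` always carries a scheme as the two `replace` calls suggest. Two behaviour changes also look unintended: when running locally the domain is now the baseUrl host instead of the former `'localhost'`, so a developer hitting localhost with a public base URL gets a Domain mismatch and the session cookie is silently rejected, and an IP base URL combined with a private-range request now emits `Domain=<ip>`, which the removed code deliberately avoided and which browsers handle inconsistently. The `''` fallback relies on `setCookie` skipping a falsy `domain`; returning `undefined` states that intent explicitly. A header comment should also record that omitting Domain gives a host-only cookie, e.g. `// Omitting Domain yields a host-only cookie (not sent to subdomains); only set it when subdomain sharing is intended.`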
--- a/lib/utils/misc.ts
+++ b/lib/utils/misc.ts
@@ -13,8 +13,43 @@ export const defaultTitle = 'bewCloud is a modern and simpler alternative to Nex
 export const defaultDescription = `Have your files under your own control.`;
 export const helpEmail = 'help@bewcloud.com';
-export function isRunningLocally(request: Request) {
- return request.url.includes('localhost');
+export function isRunningLocally(request: Request): boolean {
+ try {
+ const url = new URL(request.url);
+ const hostname = url.hostname;
+
+ // Local hostnames check
+ if (['localhost', '127.0.0.1', '0.0.0.0'].includes(hostname)) {
+ return true;
+ }
+
+ // Private IP ranges check
+ const ipParts = hostname.split('.').map(Number);
+
+ // Check if valid IP address
+ if (ipParts.length !== 4 || ipParts.some(part => isNaN(part) || part < 0 || part > 255)) {
+ return false;
+ }
+
+ // 10.0.0.0 - 10.255.255.255
+ if (ipParts[0] === 10) {
+ return true;
+ }
+
+ // 172.16.0.0 - 172.31.255.255
+ if (ipParts[0] === 172 && ipParts[1] >= 16 && ipParts[1] <= 31) {
+ return true;
+ }
+
+ // 192.168.0.0 - 192.168.255.255
+ if (ipParts[0] === 192 && ipParts[1] === 168) {
+ return true;
+ }
+
+ return false;
+ } catch {
+ return false;
+ }
 }
 export function escapeHtml(unsafe: string) {
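Review bot: The widened definition of "local" now drives `secure: isRunningLocally(request) ? false : true` in auth.ts, so any request whose URL host is an RFC 1918 address gets session cookies without the Secure flag; in a Deno server `request.url` is presumably built from the incoming Host header, so a reverse proxy that forwards with its upstream address as Host (nginx `proxy_pass http://10.0.0.5:8000` without `proxy_set_header Host`) would trigger this on a public HTTPS deployment. That trade-off belongs in a comment where the private-range check starts, e.g. `// NOTE: matching private ranges drops the Secure cookie flag; deployments behind a reverse proxy must forward the public Host header.` Separately, IPv6 loopback is missed: `url.hostname` for `http://[::1]:8000` is `[::1]`, which fails the dotted-quad parse and returns false, so `'[::1]'` should join the local hostnames list; likewise only `127.0.0.1` of 127.0.0.0/8 is matched, which `ipParts[0] === 127` would cover.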