diff --git a/boofilsic/settings.py b/boofilsic/settings.py
index 49c85dcd..7a7d35dc 100644
--- a/boofilsic/settings.py
+++ b/boofilsic/settings.py
@@ -236,13 +236,6 @@ MASTODON_ALLOWED_SITES: str = env("NEODB_LOGIN_MASTODON_WHITELIST") # type:igno
 # Allow user to login via any Mastodon/Pleroma sites
 MASTODON_ALLOW_ANY_SITE = len(MASTODON_ALLOWED_SITES) == 0
 
-ALTERNATIVE_DOMAINS = [d.lower() for d in env("NEODB_ALTERNATIVE_DOMAINS", default=[])] # type: ignore
-
-SITE_DOMAINS = [SITE_DOMAIN] + ALTERNATIVE_DOMAINS
-
-# ALLOWED_HOSTS = SITE_DOMAINS + ["127.0.0.1"]
-ALLOWED_HOSTS = ["*"]
-
 ENABLE_LOCAL_ONLY = env("NEODB_ENABLE_LOCAL_ONLY")
 
 # Timeout of requests to Mastodon, in seconds
@@ -459,16 +452,23 @@ USE_L10N = True
 USE_TZ = True
 
 USE_X_FORWARDED_HOST = True
-SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 DATA_UPLOAD_MAX_MEMORY_SIZE = 100 * 1024 * 1024
+
 CSRF_COOKIE_SECURE = True
 SESSION_COOKIE_SECURE = True
+
 SSL_ONLY = env("SSL_ONLY")
+SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+SECURE_REDIRECT_EXEMPT = [r"^nodeinfo/"]
 SECURE_SSL_REDIRECT = SSL_ONLY
 SECURE_HSTS_PRELOAD = SSL_ONLY
 SECURE_HSTS_INCLUDE_SUBDOMAINS = SSL_ONLY
 SECURE_HSTS_SECONDS = 2592000 if SSL_ONLY else 0
 
+ALTERNATIVE_DOMAINS = [d.lower() for d in env("NEODB_ALTERNATIVE_DOMAINS", default=[])] # type: ignore
+SITE_DOMAINS = [SITE_DOMAIN] + ALTERNATIVE_DOMAINS
+ALLOWED_HOSTS = SITE_DOMAINS + ["127.0.0.1"] if SSL_ONLY else ["*"]
+
 STATIC_URL = "/s/"
 STATIC_ROOT = env("NEODB_STATIC_ROOT", default=os.path.join(BASE_DIR, "static/")) # type: ignore
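Review bot: The new `ALLOWED_HOSTS` line still falls back to `["*"]` whenever `SSL_ONLY` is false, so Django's Host validation stays disabled on every deployment that does not set that flag, and with `USE_X_FORWARDED_HOST = True` earlier in this hunk the host value is read from a header the client controls unless the reverse proxy overwrites it. Host validation and TLS enforcement are separate concerns: an instance that handles HTTPS redirects at the proxy and leaves `SSL_ONLY` unset loses the host check as well. I would make the restriction unconditional, `ALLOWED_HOSTS = SITE_DOMAINS + ["127.0.0.1"]`, and allow the wildcard only through an explicit development opt-in. If the conditional stays, parenthesise the list expression so the precedence is obvious and add a comment such as `# "*" disables Host validation; only safe when the proxy pins Host and X-Forwarded-Host`.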