diff --git a/backend/server/main/settings.py b/backend/server/main/settings.py index 8ccb49b..208b2a1 100644 --- a/backend/server/main/settings.py +++ b/backend/server/main/settings.py @@ -13,6 +13,7 @@ import os from dotenv import load_dotenv from os import getenv from pathlib import Path +from urllib.parse import urlparse # Load environment variables from .env file load_dotenv() @@ -127,14 +128,23 @@ USE_L10N = True USE_TZ = True -SESSION_COOKIE_SAMESITE = None -SESSION_COOKIE_SECURE = getenv('FRONTEND_URL', 'http://localhost:3000').startswith('https://') -from urllib.parse import urlparse +FRONTEND_URL = getenv('FRONTEND_URL', 'http://localhost:3000') + +SESSION_COOKIE_SAMESITE = None + +SESSION_COOKIE_SECURE = FRONTEND_URL.startswith('https') + +parsed_url = urlparse(FRONTEND_URL) +hostname = parsed_url.hostname +is_ip_address = hostname.replace('.', '').isdigit() +if is_ip_address: + # Do not set a domain for IP addresses + SESSION_COOKIE_DOMAIN = None +else: + # Calculate the cookie domain for valid domain names + domain_parts = hostname.split('.') + SESSION_COOKIE_DOMAIN = '.' + '.'.join(domain_parts[-2:]) if len(domain_parts) > 1 else hostname -frontend_url = getenv('FRONTEND_URL', 'http://localhost:3000') -parsed_url = urlparse(frontend_url) -domain_parts = parsed_url.hostname.split('.') -SESSION_COOKIE_DOMAIN = '.' + '.'.join(domain_parts[-2:]) if len(domain_parts) > 1 else parsed_url.hostname # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/1.7/howto/static-files/ @@ -190,8 +200,6 @@ ACCOUNT_SIGNUP_FORM_CLASS = 'users.form_overrides.CustomSignupForm' SESSION_SAVE_EVERY_REQUEST = True -FRONTEND_URL = getenv('FRONTEND_URL', 'http://localhost:3000') - # Set login redirect URL to the frontend LOGIN_REDIRECT_URL = FRONTEND_URL diff --git a/frontend/src/routes/+page.server.ts b/frontend/src/routes/+page.server.ts index af567d0..7855cd8 100644 --- a/frontend/src/routes/+page.server.ts +++ b/frontend/src/routes/+page.server.ts 
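Review bot: `is_ip_address = hostname.replace('.', '').isdigit()` raises AttributeError at import time when `parsed_url.hostname` is None (a FRONTEND_URL without a scheme, e.g. `localhost:3000`, parses that way), and it classifies IPv6 literals such as `::1` as domain names, so they fall into the `else` branch and `::1` ends up as SESSION_COOKIE_DOMAIN. The stdlib `ipaddress` module handles both cases; add `import ipaddress` with the other imports and replace the test as below, failing fast on a missing hostname rather than guessing. Outside what the commit changes, the `else` branch still sets `SESSION_COOKIE_DOMAIN = hostname` for a single-label host such as `localhost`, while both frontend hunks leave the domain unset in that case, so the backend-issued and the frontend-deleted `sessionid` cookie may not carry the same Domain attribute; `None` here would match Django's default and the frontend. Minor: `FRONTEND_URL.startswith('https')` also accepts a scheme like `httpsx`; since the URL is parsed anyway, `parsed_url.scheme == 'https'` states what is meant.
```python
parsed_url = urlparse(FRONTEND_URL)
hostname = parsed_url.hostname
if hostname is None:
    # A scheme-less FRONTEND_URL is a deployment error; surface it at startup.
    raise ValueError(f'FRONTEND_URL must include a scheme and host: {FRONTEND_URL!r}')
try:
    ipaddress.ip_address(hostname)  # accepts both IPv4 and IPv6 literals
    is_ip_address = True
except ValueError:
    is_ip_address = False
# … unchanged: if/else selecting SESSION_COOKIE_DOMAIN …
```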
@@ -46,24 +46,26 @@ export const actions: Actions = { // Determine the proper cookie domain const hostname = event.url.hostname; const domainParts = hostname.split('.'); + const isIPAddress = /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname); let cookieDomain: string | undefined = undefined; - if (domainParts.length > 2) { - // For subdomains like app.mydomain.com -> .mydomain.com - cookieDomain = '.' + domainParts.slice(-2).join('.'); - } else if (domainParts.length === 2) { - // For root domains like mydomain.com -> .mydomain.com - cookieDomain = '.' + hostname; - } else { - // For localhost or single-part domains (e.g., "localhost") - cookieDomain = undefined; // Do not set the domain + if (!isIPAddress) { + // Handle domain names + if (domainParts.length > 2) { + // For subdomains like app.mydomain.com -> .mydomain.com + cookieDomain = '.' + domainParts.slice(-2).join('.'); + } else if (domainParts.length === 2) { + // For root domains like mydomain.com -> .mydomain.com + cookieDomain = '.' + hostname; + } } + // No domain is set for IP addresses or single-part hostnames like "localhost" // Delete the session cookie event.cookies.delete('sessionid', { path: '/', secure: event.url.protocol === 'https:', - domain: cookieDomain + domain: cookieDomain // Undefined for IP addresses, used for domain names }); if (res.status === 401) { diff --git a/frontend/src/routes/login/+page.server.ts b/frontend/src/routes/login/+page.server.ts index 6452180..f8723ba 100644 --- a/frontend/src/routes/login/+page.server.ts +++ b/frontend/src/routes/login/+page.server.ts 
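Review bot: The `isIPAddress` test and the `cookieDomain` derivation added here are now written out twice, once in this action and once in `handleSuccessfulLogin` in `login/+page.server.ts` (next hunk); the delete in this hunk only clears the cookie if its Domain attribute matches what login set, so the two copies must stay in lockstep, which is easier if both call one shared helper, e.g. `const cookieDomain = cookieDomainFor(event.url.hostname);` from `$lib`. The regex only recognises dotted IPv4; a WHATWG `URL.hostname` keeps the brackets on an IPv6 literal (`[::1]`), which appears to work here only because such a value has no dot and lands in the single-part case — a comment saying so, or an explicit IPv6 check in the helper, would make that intentional rather than accidental. Separately, `domainParts.slice(-2)` yields `.co.uk`-style values for hosts under a two-label public suffix, which browsers reject, so on such hosts the cookie is silently never cleared. The enclosing `actions` object starts and ends outside the hunk.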
@@ -116,16 +116,19 @@ function handleSuccessfulLogin(event: RequestEvent, response: Response) { const domainParts = hostname.split('.'); let cookieDomain: string | undefined = undefined; - if (domainParts.length > 2) { - // For subdomains like app.mydomain.com -> .mydomain.com - cookieDomain = '.' + domainParts.slice(-2).join('.'); - } else if (domainParts.length === 2) { - // For root domains like mydomain.com -> .mydomain.com - cookieDomain = '.' + hostname; - } else { - // For localhost or single-part domains (e.g., "localhost") - cookieDomain = undefined; // Do not set the domain + // Check if hostname is an IP address + const isIPAddress = /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname); + + if (!isIPAddress) { + if (domainParts.length > 2) { + // For subdomains like app.mydomain.com -> .mydomain.com + cookieDomain = '.' + domainParts.slice(-2).join('.'); + } else if (domainParts.length === 2) { + // For root domains like mydomain.com -> .mydomain.com + cookieDomain = '.' + hostname; + } } + // Do not set a domain for IP addresses or single-part hostnames console.log('Setting sessionid cookie with domain:', cookieDomain); @@ -135,7 +138,7 @@ function handleSuccessfulLogin(event: RequestEvent, response: Response) { sameSite: 'lax', secure: event.url.protocol === 'https:', expires: new Date(expiryString), - domain: cookieDomain // Set the domain dynamically + domain: cookieDomain // Set the domain dynamically or omit if undefined }); } }