diff --git a/.golangci.yaml b/.golangci.yaml
index b3d9bbfe3..ea958e528 100644
--- a/.golangci.yaml
+++ b/.golangci.yaml
@@ -13,6 +13,7 @@ linters:
     - intrange
     - perfsprint
     - ineffassign
+    - bodyclose
 
 linters-settings:
   depguard:
diff --git a/api/http/security/rate_limiter_test.go b/api/http/security/rate_limiter_test.go
index 351eb6577..6f63028ac 100644
--- a/api/http/security/rate_limiter_test.go
+++ b/api/http/security/rate_limiter_test.go
@@ -33,8 +33,13 @@ func TestLimitAccess(t *testing.T) {
 
 		ts := httptest.NewServer(handler)
 		defer ts.Close()
-		http.Get(ts.URL)
+
 		resp, err := http.Get(ts.URL)
+		if err == nil {
+			resp.Body.Close()
+		}
+
+		resp, err = http.Get(ts.URL)
 		if err != nil {
 			t.Fatal(err)
 		}
diff --git a/pkg/libhelm/validate_repo.go b/pkg/libhelm/validate_repo.go
index 1b4de5dc5..163b414e4 100644
--- a/pkg/libhelm/validate_repo.go
+++ b/pkg/libhelm/validate_repo.go
@@ -42,6 +42,8 @@ func ValidateHelmRepositoryURL(repoUrl string, client *http.Client) error {
 		return fmt.Errorf("%s is not a valid chart repository or cannot be reached: %w", repoUrl, err)
 	}
 
+	response.Body.Close()
+
 	// Success is indicated with 2xx status codes. 3xx status codes indicate a redirect.
 	statusOK := response.StatusCode >= 200 && response.StatusCode < 300
 	if !statusOK {
diff --git a/pkg/libhelm/validate_repo_test.go b/pkg/libhelm/validate_repo_test.go
index 55d9d4736..8b98befb7 100644
--- a/pkg/libhelm/validate_repo_test.go
+++ b/pkg/libhelm/validate_repo_test.go
@@ -1,10 +1,13 @@
 package libhelm
 
 import (
+	"net/http"
+	"net/http/httptest"
 	"testing"
 
 	"github.com/portainer/portainer/pkg/libhelm/test"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func Test_ValidateHelmRepositoryURL(t *testing.T) {
@@ -49,3 +52,41 @@ func Test_ValidateHelmRepositoryURL(t *testing.T) {
 		}(test)
 	}
 }
+
+func TestValidateHelmRepositoryURL(t *testing.T) {
+	var fail bool
+
+	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if fail {
+			w.WriteHeader(http.StatusNotFound)
+
+			return
+		}
+
+		w.WriteHeader(http.StatusOK)
+	}))
+	defer srv.Close()
+
+	// Success
+	err := ValidateHelmRepositoryURL(srv.URL, nil)
+	require.NoError(t, err)
+
+	// Failure
+	fail = true
+
+	var failureURLs = []string{
+		"",
+		"!",
+		"oci://example.com",
+		"ftp://example.com",
+		srv.URL,
+	}
+
+	for _, url := range failureURLs {
+		err = ValidateHelmRepositoryURL(url, nil)
+		require.Error(t, err)
+
+		err = ValidateHelmRepositoryURL(srv.URL, nil)
+		require.Error(t, err)
+	}
+}