diff --git a/conf/systemd.service b/conf/systemd.service
index f9dc6fb..253309c 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -18,7 +18,7 @@ NoNewPrivileges=yes
 PrivateTmp=yes
 #Private device restrict access to device in /dev/, so to any devices like razberry, zigate, etc.
 #PrivateDevices=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_BLUETOOTH
 RestrictNamespaces=yes
 RestrictRealtime=yes
 #Same : restrict access to devices
diff --git a/scripts/install b/scripts/install
index 3791bfd..a6c93ae 100755
--- a/scripts/install
+++ b/scripts/install
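Review bot: `AF_BLUETOOTH` is now allowed for every install, and the unit gives no reason for it, unlike the commented-out `PrivateDevices` line just above, which explains why that restriction is relaxed. If the family is only needed when a Bluetooth adapter is used (an assumption, the commit does not say), a comment above the directive such as `#AF_BLUETOOTH is only needed for Bluetooth hardware; remove it if none is used` would let an admin tighten the sandbox again. The section this directive belongs to starts and ends outside the hunk.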
@@ -140,6 +140,33 @@ ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed logi
 #=================================================
 ynh_script_progression --message="Configuring permissions..."
+<<<<<<< HEAD
+=======
+# Make app public if necessary
+if [ "$is_public" -eq 1 ]
+then
+ # Everyone can access the app.
+ # The "main" permission is automatically created before the install script.
+ ynh_permission_update --permission="main" --add="visitors"
+
+fi
+
+#remove the authentication header preventing login from 2023.2 and 11.2.3 onward
+ynh_permission_url --permission="main" --auth_header=false
+
+#API & MQTT should stay publicly accessible.
+ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
+[[ ! -z "$mqtt_domain" ]] && ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
+
+
+#=================================================
+# RELOAD NGINX
+#=================================================
+ynh_script_progression --message="Reloading NGINX web server..."
+
+ynh_systemd_action --service_name=nginx --action=reload
+
+>>>>>>> refs/heads/testing
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 554bbde..308a2fb 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -71,6 +71,9 @@ if [ -d "/var/log/$app/$app" ]; then
 ynh_secure_remove "/var/log/$app/$app"
 fi
+#remove the authentication header preventing login from 2023.2 and 11.2.3 onward
+ynh_permission_url --permission="main" --auth_header=false
+
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
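Review bot: Three unresolved merge-conflict markers are committed as script lines around the added block: `<<<<<<< HEAD`, `=======` and `>>>>>>> refs/heads/testing`. Bash cannot parse them, so the install would abort with a syntax error right after the "Configuring permissions..." message, once earlier steps such as the `ynh_add_fail2ban_config` call named in the hunk header have already run, and none of the permission calls or the NGINX reload would execute. The HEAD side of the conflict is empty, so the fix is to delete those three lines and keep the block between them. Separately, `[[ ! -z "$mqtt_domain" ]] && ynh_permission_create …` would read more clearly as `if [[ -n "$mqtt_domain" ]]; then … fi`.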
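Review bot: The comment above `ynh_permission_url --permission="main" --auth_header=false` does not say which product each version number belongs to, or what the change means for access control. With the header turned off SSOwat stops forwarding credentials to the app, so Domoticz's own login is what authenticates users on this URL; a comment such as `# Stop SSOwat forwarding the auth header (breaks login since Domoticz 2023.2 / YunoHost 11.2.3, confirm versions); Domoticz's own authentication must stay enabled` would record that. The same comment appears in the scripts/install hunk. The call also sits between the log-directory cleanup and the next banner without a section header of its own, unlike the rest of the script.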