diff --git a/.env.example b/.env.example
index 319e03eda..bbd825a9a 100644
--- a/.env.example
+++ b/.env.example
@@ -110,7 +110,7 @@ OTEL_EXPORTER_OTLP_HEADERS=
 OTEL_SERVICE_NAME=
 
 # Set HTTP_X_FORWARDED_PROTO ONLY to true if you know what you are doing.
-# Only use it if your proxy is "swalloing" if the original request was made
+# Only use it if your proxy is "swallowing" if the original request was made
 # via https. Please refer to the Django-Documentation and assess the risks
 # for your instance:
 # https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header
diff --git a/bookwyrm/settings.py b/bookwyrm/settings.py
index 45a620847..ed0f57839 100644
--- a/bookwyrm/settings.py
+++ b/bookwyrm/settings.py
@@ -365,6 +365,6 @@ OTEL_SERVICE_NAME = env("OTEL_SERVICE_NAME", None)
 
 TWO_FACTOR_LOGIN_MAX_SECONDS = 60
 
-HTTP_X_FORWARDED_PROTO = env.bool("SECURE_PROXY_SSL_HEADER", false)
+HTTP_X_FORWARDED_PROTO = env.bool("SECURE_PROXY_SSL_HEADER", False)
 if HTTP_X_FORWARDED_PROTO:
     SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")