diff --git a/Dockerfile b/Dockerfile
index 16bdb6d..2f0ac67 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,4 +28,4 @@
 # Expose Spring Boot default port
 EXPOSE 8088
 # Run the spring boot app
-ENTRYPOINT ["java","-jar","app.jar"]
\ No newline at end of file
+ENTRYPOINT ["java","-jar","app.jar", "--spring.profiles.active=prod"]
\ No newline at end of file
diff --git a/src/main/java/com/kpaudel/config/SecurityConfig.java b/src/main/java/com/kpaudel/config/SecurityConfig.java
index 5d74d60..602abbf 100644
--- a/src/main/java/com/kpaudel/config/SecurityConfig.java
+++ b/src/main/java/com/kpaudel/config/SecurityConfig.java
@@ -34,9 +34,9 @@
         http.csrf(csrf -> csrf.disable())
                 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests(authz -> authz
-                        .requestMatchers("/api/auth/**", "/").permitAll()
-                        .requestMatchers("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.ico", "/index.html").permitAll()
-                        .anyRequest().authenticated()
+                        .requestMatchers("/api/auth/**").permitAll()
+                        .requestMatchers("/api/**").authenticated()
+                        .anyRequest().permitAll()
                 )
                 .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
 
diff --git a/src/main/java/com/kpaudel/controller/ApiController.java b/src/main/java/com/kpaudel/controller/ApiController.java
index c7d5fae..0d9b883 100644
--- a/src/main/java/com/kpaudel/controller/ApiController.java
+++ b/src/main/java/com/kpaudel/controller/ApiController.java
@@ -27,7 +27,7 @@
 
 @RestController
 @RequestMapping("/api")
-@CrossOrigin(origins = "http://localhost:3000")  // frontend dev CORS
+@CrossOrigin(origins = {"http://localhost:3000", "https://jobs.kpaudel.com.np"})  // allow prod
 public class ApiController {
     private final JobService service;
     private final CompanyRepository companyRepo;
diff --git a/src/main/java/com/kpaudel/controller/AuthController.java b/src/main/java/com/kpaudel/controller/AuthController.java
index 5026cda..24d56f0 100644
--- a/src/main/java/com/kpaudel/controller/AuthController.java
+++ b/src/main/java/com/kpaudel/controller/AuthController.java
@@ -17,10 +17,11 @@
 import java.util.Map;
 import java.util.Optional;
 import java.util.UUID;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 
 @RestController
 @RequestMapping("/api/auth")
-@CrossOrigin(origins = {"http://localhost:3000"})
+@CrossOrigin(origins = {"http://localhost:3000", "https://jobs.kpaudel.com.np"})
 public class AuthController {
 
     @Autowired
@@ -66,7 +67,12 @@
         user.setConfirmationToken(confirmationToken);
         userRepository.save(user);
 
-        emailService.sendConfirmationEmail(email, confirmationToken);
+        String confirmationUrl = ServletUriComponentsBuilder.fromCurrentContextPath()
+                .path("/api/auth/confirm")
+                .queryParam("token", confirmationToken)
+                .build()
+                .toUriString();
+        emailService.sendConfirmationEmail(email, confirmationUrl);
 
         return ResponseEntity.ok(Map.of("message", "User registered successfully. Please check your email for confirmation."));
     }
diff --git a/src/main/java/com/kpaudel/service/EmailService.java b/src/main/java/com/kpaudel/service/EmailService.java
index c905230..8224152 100644
--- a/src/main/java/com/kpaudel/service/EmailService.java
+++ b/src/main/java/com/kpaudel/service/EmailService.java
@@ -7,14 +7,15 @@
 
 @Service
 public class EmailService {
+
     @Autowired
     private JavaMailSender mailSender;
 
-    public void sendConfirmationEmail(String to, String token) {
+    public void sendConfirmationEmail(String to, String confirmationUrl) {
         SimpleMailMessage message = new SimpleMailMessage();
         message.setTo(to);
         message.setSubject("Confirm your registration");
-        message.setText("Please confirm your registration by clicking this link: http://localhost:8080/api/auth/confirm?token=" + token);
+        message.setText("Please confirm your registration by clicking this link: " + confirmationUrl);
         mailSender.send(message);
     }
 
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 6668d45..0a8a79e 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,4 +1,4 @@
-spring.profiles.active=prod
+spring.profiles.active=dev
 spring.mvc.pathmatch.matching-strategy=ant_path_matcher
 
 #JPA/HIBERNATE