diff --git a/app.py b/app.py
index 1acd705..442bf60 100644
--- a/app.py
+++ b/app.py
@@ -63,16 +63,6 @@ logging.getLogger("werkzeug").setLevel(logging.INFO)
 app = Flask(__name__)
 app.config.from_object(Config)
 
-# wykluczenie /healthcheck z talisman
-@app.route("/healthcheck")
-def healthcheck():
- header_token = request.headers.get("X-Internal-Check")
- correct_token = app.config.get("HEALTHCHECK_TOKEN")
-
- if header_token != correct_token:
- abort(404)
- return "OK", 200
-
 # Konfiguracja nagłówków bezpieczeństwa z .env
 csp_policy = None
 if app.config.get("ENABLE_CSP", True):
@@ -89,7 +79,7 @@ permissions_policy = {"browsing-topics": "()"} if app.config["ENABLE_PP"] else N
 
 talisman = Talisman(
 app,
- force_https=app.config.get("ENABLE_HSTS", True),
+ force_https=False,
 strict_transport_security=app.config.get("ENABLE_HSTS", True),
 frame_options="DENY" if app.config.get("ENABLE_XFO", True) else None,
 permissions_policy=permissions_policy,
@@ -2231,6 +2221,15 @@ def recalculate_filesizes():
 )
 return redirect(url_for("admin_receipts", id="all"))
 
+@app.route("/healthcheck")
+def healthcheck():
+ header_token = request.headers.get("X-Internal-Check")
+ correct_token = app.config.get("HEALTHCHECK_TOKEN")
+
+ if header_token != correct_token:
+ abort(404)
+ return "OK", 200
+
 # =========================================================================================
 # SOCKET.IO
 # =========================================================================================
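Review bot: `force_https=False` in the `Talisman(...)` call turns off the HTTP-to-HTTPS redirect for every route and can no longer be re-enabled from configuration, while `strict_transport_security` on the next line still follows `ENABLE_HSTS`. An HSTS header only takes effect once a response has been delivered over HTTPS, so a client whose first request is plain HTTP is now served over HTTP unless something in front of the app redirects it. If the aim is only to let the `/healthcheck` probe answer over HTTP (an inference from the rest of this commit), keep the configurable global value and exempt that one view with flask-talisman's per-view override, `@talisman(force_https=False)` placed under `@app.route("/healthcheck")`. The `Talisman(...)` call continues past the end of the hunk.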
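Review bot: The token check in `healthcheck` fails open when `HEALTHCHECK_TOKEN` is not configured: `app.config.get(...)` returns `None`, a request without `X-Internal-Check` also yields `None`, and `None != None` is false, so the route answers 200 to any caller. The `!=` comparison is also not constant-time. Reject missing values first and compare with `hmac.compare_digest`, e.g. `if not correct_token or not header_token or not hmac.compare_digest(header_token.encode(), correct_token.encode()): abort(404)`; this needs `hmac` imported at the top of the file, which is outside this diff. A one-line docstring stating that the endpoint answers 404 to callers without the internal token would also document the intent that the removed comment used to hint at.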