diff --git a/README.md b/README.md index 882a4b12..bab7bd83 100644 --- a/README.md +++ b/README.md @@ -141,6 +141,7 @@ This readme file is used mostly to document project dependencies ## Production build - provide secrets: 'secrets/db_password.txt', 'django_key.txt', 'email_host.txt', 'email_password.txt', 'email_user.txt' +- check if you need to change SSL/TLS and PORT in 'rsconcept\backend\.env.prod' - setup domain names for application and API in configs: 'frontend\env\.env.production', 'rsconcept\backend\.env.dev', 'nginx\production.conf' - provide privacy policy document in PDF: 'frontend/public/privacy.pdf' - use certbot to obtain certificates via 'docker compose -f "docker-compose-prod.yml" run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d portal.acconcept.ru api.portal.acconcept.ru' diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml index 96a6037a..41e15a2d 100644 --- a/docker-compose-prod.yml +++ b/docker-compose-prod.yml @@ -77,7 +77,7 @@ services: - db_password env_file: ./postgresql/.env.prod environment: - POSTGRES_PASSWORD: /run/secrets/db_password + POSTGRES_PASSWORD_FILE: /run/secrets/db_password volumes: - postgres_volume:/var/lib/postgresql/data diff --git a/rsconcept/backend/.env.prod b/rsconcept/backend/.env.prod index 2d422108..fcf31f3d 100644 --- a/rsconcept/backend/.env.prod +++ b/rsconcept/backend/.env.prod @@ -1,7 +1,7 @@ # Application settings # SECRET_KEY= -ALLOWED_HOSTS=portal.acconcept.ru;api.portal.acconcept.ru;localhost +ALLOWED_HOSTS=portal.acconcept.ru;api.portal.acconcept.ru CSRF_TRUSTED_ORIGINS=https://portal.acconcept.ru;https://api.portal.acconcept.ru CORS_ALLOWED_ORIGINS=https://portal.acconcept.ru CSRF_COOKIE_DOMAIN=.portal.acconcept.ru @@ -16,9 +16,9 @@ MEDIA_ROOT=/home/app/web/media # EMAIL_HOST= # EMAIL_HOST_USER= # EMAIL_HOST_PASSWORD= -EMAIL_PORT=443 -EMAIL_SSL=True -EMAIL_TLS=False +EMAIL_PORT=587 +EMAIL_SSL=False +EMAIL_TLS=True # Database settings 
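Review bot: In docker-compose-prod.yml the switch to `POSTGRES_PASSWORD_FILE` presumably does not repair a `postgres_volume` that was already initialised under the old line, where the literal string `/run/secrets/db_password` was the database password. Assuming this service runs the official postgres image, these variables are applied only when the data directory is empty, so on an existing deployment the password has to be rotated by hand (`ALTER USER ... PASSWORD ...`) or the volume recreated. A comment next to the variable would record that, e.g. `# applied only on first init of postgres_volume; rotate the password manually on existing deployments`.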
diff --git a/rsconcept/backend/apps/users/urls.py b/rsconcept/backend/apps/users/urls.py index c37b3a06..eff28fae 100644 --- a/rsconcept/backend/apps/users/urls.py +++ b/rsconcept/backend/apps/users/urls.py @@ -1,9 +1,9 @@ ''' Routing: User profile and Authorization. ''' -from django.urls import path, include +from django.urls import path +from django_rest_passwordreset.views import reset_password_confirm # type: ignore +from django_rest_passwordreset.views import reset_password_request_token # type: ignore +from django_rest_passwordreset.views import reset_password_validate_token # type: ignore from . import views -from django_rest_passwordreset.views import reset_password_confirm, \ - reset_password_request_token, \ - reset_password_validate_token urlpatterns = [ diff --git a/rsconcept/backend/project/settings.py b/rsconcept/backend/project/settings.py index 55290cb1..0fab6fe9 100644 --- a/rsconcept/backend/project/settings.py +++ b/rsconcept/backend/project/settings.py @@ -13,6 +13,13 @@ https://docs.djangoproject.com/en/4.1/ref/settings/ import os from pathlib import Path +def _get_secret(key: str, default): + value = os.environ.get(key, default) + if os.path.isfile(value): + with open(value, mode='r', encoding='utf-8') as f: + return f.read() + return value + _TRUE_VARIANTS = [True, 'True', '1'] # Build paths inside the project like this: BASE_DIR / 'subdir'. @@ -23,7 +30,7 @@ BASE_DIR = Path(__file__).resolve().parent.parent # See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = os.environ.get('SECRET_KEY', 'not-a-secret') +SECRET_KEY = _get_secret('SECRET_KEY', 'not-a-secret') # SECURITY WARNING: don't run with debug turned on in production! DEBUG = os.environ.get('DEBUG', True) in _TRUE_VARIANTS 
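Review bot: `_get_secret` in settings.py returns `f.read()` unchanged, so a secret file that ends with a newline (as files saved by most editors do) yields a value with a trailing `\n`. That value is then used as SECRET_KEY here and as EMAIL_HOST, EMAIL_HOST_USER, EMAIL_HOST_PASSWORD and the database PASSWORD in the later hunks, where it would likely break the SMTP or database login. Dropping the line ending, `return f.read().rstrip('\r\n')`, keeps the stored secret and the value sent to the server identical. The helper also has no docstring; a one-line `''' Return the setting for key, read from the file it names when the value is a path to an existing file. '''` would document the two modes.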
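Review bot: The new `SECRET_KEY = _get_secret('SECRET_KEY', 'not-a-secret')` line fails open: when the variable is unset the key is the public default, and when it names a secret file that is not mounted `os.path.isfile` is false and the path string itself becomes the key. Both values are guessable, and Django uses this key for cryptographic signing. A start-up check after the `DEBUG` line would stop a production container from running that way, e.g. `if not DEBUG and SECRET_KEY == 'not-a-secret': raise ImproperlyConfigured('SECRET_KEY is not set')` with `ImproperlyConfigured` imported from `django.core.exceptions`. Catching the unmounted-file case as well would need `_get_secret` to distinguish a path from a literal value, for which the diff shows no convention.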
@@ -32,12 +39,12 @@ ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', '*').split(';') INTERNAL_IPS = ['127.0.0.1'] if DEBUG else [] # MAIL SETUP -EMAIL_HOST = os.environ.get('EMAIL_HOST', '') +EMAIL_HOST = _get_secret('EMAIL_HOST', '') EMAIL_PORT = int(os.environ.get('EMAIL_PORT', '1025')) EMAIL_USE_SSL = os.environ.get('EMAIL_SSL', False) in _TRUE_VARIANTS EMAIL_USE_TLS = os.environ.get('EMAIL_TLS', False) in _TRUE_VARIANTS -EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER', '') -EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD', '') +EMAIL_HOST_USER = _get_secret('EMAIL_HOST_USER', '') +EMAIL_HOST_PASSWORD = _get_secret('EMAIL_HOST_PASSWORD', '') EMAIL_BACKEND = \ 'django.core.mail.backends.smtp.EmailBackend' \ if EMAIL_HOST != '' else \ @@ -143,7 +150,7 @@ DATABASES = { 'ENGINE': os.environ.get('DB_ENGINE', 'django.db.backends.sqlite3'), 'NAME': os.environ.get('DB_NAME', BASE_DIR / 'db.sqlite3'), 'USER': os.environ.get('DB_USER'), - 'PASSWORD': os.environ.get('DB_PASSWORD'), + 'PASSWORD': _get_secret('DB_PASSWORD', ''), 'HOST': os.environ.get('DB_HOST'), 'DB_PORT': os.environ.get('DB_PORT'), } diff --git a/rsconcept/frontend/src/components/InfoError.tsx b/rsconcept/frontend/src/components/InfoError.tsx index a586c657..bdd0c451 100644 --- a/rsconcept/frontend/src/components/InfoError.tsx +++ b/rsconcept/frontend/src/components/InfoError.tsx @@ -50,7 +50,7 @@ function DescribeError({ error }: { error: ErrorData }) { function InfoError({ error }: InfoErrorProps) { return ( - + );
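Review bot: In the DATABASES hunk the unchanged line `'DB_PORT': os.environ.get('DB_PORT'),` sits right below the edited PASSWORD entry and uses a key Django does not read. The setting is named `PORT`, so the DB_PORT variable is ignored and the backend's default port is used. `'PORT': os.environ.get('DB_PORT'),` would make the variable effective. The dict opens above the hunk, so other keys were not checked.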