diff --git a/lib/web/controllers/session_controller.ex b/lib/web/controllers/session_controller.ex
index 982c777ff..b78df9e2e 100644
--- a/lib/web/controllers/session_controller.ex
+++ b/lib/web/controllers/session_controller.ex
@@ -181,6 +181,9 @@ defmodule Web.SessionController do
 end
 
 defp clear_rails_session(conn) do
- delete_resp_cookie(conn, "_challenge_platform_key")
+ domain = Application.get_env(:challenge_gov, :session_cookie_domain)
+ secure = Mix.env() != :dev
+
+ delete_resp_cookie(conn, "_challenge_platform_key", domain: domain, secure: secure)
 end
 end
diff --git a/lib/web/endpoint.ex b/lib/web/endpoint.ex
index 2b76e519e..6d14c5ec4 100644
--- a/lib/web/endpoint.ex
+++ b/lib/web/endpoint.ex
@@ -12,6 +12,7 @@ defmodule Web.Endpoint do
 store: :cookie,
 key: "_challenge_gov_key",
 domain: Application.compile_env(:challenge_gov, :session_cookie_domain),
+ secure: Mix.env() != :dev,
 same_site: "Lax",
 signing_salt: "+S7HWPoL"
 ]
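Review bot: In `clear_rails_session` (lib/web/controllers/session_controller.ex), `Mix.env()` is now called inside the function body, so it is evaluated on every call at runtime rather than once at compile time. Mix is a build tool and is normally not shipped in a `mix release`, so if this app is deployed as a release the call would raise and break the logout path. Either capture the value at compile time in a module attribute, e.g. `@secure_cookies Mix.env() != :dev`, or read a runtime flag that defaults to secure, e.g. `secure = Application.get_env(:challenge_gov, :session_cookie_secure, true)` (a proposed new key, not one this diff defines). The lib/web/endpoint.ex hunk derives its `secure:` value from the same `Mix.env() != :dev` expression, and driving both from one config value would keep the two cookies from drifting apart. The module body above `clear_rails_session` is outside the hunk.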
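Review bot: The new `secure:` entry in the session options of lib/web/endpoint.ex carries no comment saying that its value is fixed at compile time from the build environment. The neighbouring `Application.compile_env` call suggests the list is evaluated in the module body, so an artifact compiled with MIX_ENV=dev would issue `_challenge_gov_key` without the Secure attribute wherever it is run. I would add a comment above the line such as `# Secure is dropped only for :dev builds (plain-HTTP localhost); the value is fixed at compile time`. The option list opens above the hunk, so whether it is a module attribute or a direct plug argument is not visible here.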