diff --git a/backend/requirements.txt b/backend/requirements.txt
index 8198c3e..fdc74b3 100644
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -10,3 +10,4 @@ python-jose[cryptography]==3.3.0
 bcrypt==4.2.0
 python-multipart==0.0.6
 psycopg[binary]==3.2.3
+psycopg2-binary==2.9.9
diff --git a/deployment/nginx/conf.d/default.conf b/deployment/nginx/conf.d/default.conf
index b19f468..e62eee8 100644
--- a/deployment/nginx/conf.d/default.conf
+++ b/deployment/nginx/conf.d/default.conf
@@ -1,4 +1,4 @@
-# HTTP redirect to HTTPS
+# HTTP server (no SSL for IP-based access)
 server {
 listen 80;
 listen [::]:80;
@@ -9,41 +9,6 @@ server {
 root /var/www/certbot;
 }
- # Redirect all other traffic to HTTPS
- location / {
- return 301 https://$host$request_uri;
- }
-}
-
-# HTTPS server
-server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name _;
- # SSL certificates (will be created by certbot)
- ssl_certificate /etc/letsencrypt/live/${DOMAIN}/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/${DOMAIN}/privkey.pem;
- # SSL configuration
- ssl_session_timeout 1d;
- ssl_session_cache shared:SSL:50m;
- ssl_session_tickets off;
- # Modern SSL configuration
- ssl_protocols TLSv1.2 TLSv1.3;
- ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
- ssl_prefer_server_ciphers off;
- # HSTS
- add_header Strict-Transport-Security "max-age=63072000" always;
- # Security headers
- add_header X-Frame-Options "SAMEORIGIN" always;
- add_header X-Content-Type-Options "nosniff" always;
- add_header X-XSS-Protection "1; mode=block" always;
- add_header Referrer-Policy "strict-origin-when-cross-origin" always;
 # Auth endpoints with rate limiting
 location ~ ^/auth/(login|register)$ {
 limit_req zone=auth_limit burst=10 nodelay;
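Review bot: The new `psycopg2-binary==2.9.9` line sits directly under `psycopg[binary]==3.2.3`, so the backend now ships two PostgreSQL drivers, each with its own bundled libpq build, which doubles the native surface that has to be tracked for CVEs and rebuilt on a libpq or OpenSSL advisory. If some library still imports `psycopg2` and that is why the pin is needed, a one-line comment above it naming that consumer (`# required by <package>, which has not migrated to psycopg 3`) would stop the next maintainer from removing it; if nothing does, one of the two drivers should go. Note also that the psycopg2 project's own packaging guidance is that the `-binary` wheel is meant for development and testing, because its vendored libpq is not patched by the OS package manager; for a production image prefer `psycopg2==2.9.9` built against the system libpq, or stay on `psycopg[binary]` alone.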
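Review bot: With the port-443 server and the `return 301 https://...` redirect gone, the auth endpoints in the trailing context (`location ~ ^/auth/(login|register)$`) and everything else on this vhost are now served over plaintext HTTP only, so the passwords and tokens the backend presumably handles (the requirements pin bcrypt and python-jose) cross the network unencrypted; if IP-only access really forces this, it should be a documented exception bound to a private interface or fronted by a TLS-terminating proxy, not the default catch-all vhost. The removed `Strict-Transport-Security "max-age=63072000"` header is also a migration hazard: browsers that visited the old HTTPS site will keep refusing plain HTTP to that hostname for up to two years, so access by IP literal (which HSTS does not cover) may work while access by name silently breaks. Independently of TLS, `X-Frame-Options`, `X-Content-Type-Options` and `Referrer-Policy` were deleted along with the SSL block although nothing about them is TLS-specific; re-add `add_header X-Frame-Options "SAMEORIGIN" always;`, `add_header X-Content-Type-Options "nosniff" always;` and `add_header Referrer-Policy "strict-origin-when-cross-origin" always;` inside the port-80 server block. The surviving `root /var/www/certbot;` location presumably serves ACME challenges and is now dead weight unless a certificate is still being renewed for some other consumer. The server block this hunk edits opens in the previous hunk and closes after this one.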