diff --git a/paperless/paperless_custom_settings.py b/paperless/paperless_custom_settings.py
index 9512269..b1434d5 100644
--- a/paperless/paperless_custom_settings.py
+++ b/paperless/paperless_custom_settings.py
@@ -24,4 +24,39 @@ LOGOUT_REDIRECT_URL = os.getenv('PAPERLESS_LOGOUT_REDIRECT_URL', '/paperless/')
 LOGIN_URL = '/paperless/accounts/login/'
 
 # Ensure Force Script Name for proper URL handling behind proxy
-FORCE_SCRIPT_NAME = os.getenv('PAPERLESS_FORCE_SCRIPT_NAME', '/paperless')
\ No newline at end of file
+FORCE_SCRIPT_NAME = os.getenv('PAPERLESS_FORCE_SCRIPT_NAME', '/paperless')
+
+# Additional URL configuration for proper reverse proxy support
+USE_X_FORWARDED_HOST = True
+USE_X_FORWARDED_PORT = True
+
+# Static and media URL configuration for subpath
+STATIC_URL = '/paperless/static/'
+MEDIA_URL = '/paperless/media/'
+
+# Fix any hardcoded redirects in Paperless
+ACCOUNT_LOGOUT_REDIRECT_URL = '/paperless/'
+
+# Force Django to always use the paperless prefix for authentication URLs
+LOGIN_URL = '/paperless/accounts/login/'
+
+# Override Django's redirect behavior for authentication  
+# This ensures that after login, if no next parameter is provided or if next='/', 
+# it redirects to /paperless/ instead
+def fix_login_redirect(original_redirect_url):
+    """Custom redirect logic to keep users within Paperless scope"""
+    if not original_redirect_url or original_redirect_url == '/':
+        return '/paperless/'
+    elif original_redirect_url.startswith('/') and not original_redirect_url.startswith('/paperless/'):
+        return '/paperless/'
+    return original_redirect_url
+
+# Monkey patch Django's login view to fix redirect behavior
+import django.contrib.auth.views
+original_get_success_url = django.contrib.auth.views.LoginView.get_success_url
+
+def patched_get_success_url(self):
+    url = original_get_success_url(self)
+    return fix_login_redirect(url)
+
+django.contrib.auth.views.LoginView.get_success_url = patched_get_success_url
\ No newline at end of file