diff --git a/Dockerfile b/Dockerfile
index 6f45de4..9f9a985 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
-FROM python:3
+FROM python:3.9
 
-RUN pip install django python-swiftclient uwsgi tox
+RUN pip install Django==2.2.28 python-swiftclient uwsgi tox
 
 COPY . /swiftbrowser
 WORKDIR /swiftbrowser
diff --git a/swiftbrowser/settings.py b/swiftbrowser/settings.py
index 49dbd19..c1c4fbc 100644
--- a/swiftbrowser/settings.py
+++ b/swiftbrowser/settings.py
@@ -63,9 +63,9 @@
 STORAGE_URL = os.environ.get('STORAGE_URL', 'http://127.0.0.1:8080/v1/')
 BASE_URL = os.environ.get('BASE_URL', 'http://127.0.0.1:8000')
 
-TIME_ZONE = 'Europe/Berlin'
-LANGUAGE_CODE = 'de-de'
-SECRET_KEY = os.environ.get("SECRET_KEY")
-STATIC_URL = "http://cdnjs.cloudflare.com/ajax/libs/"
 
+TIME_ZONE = os.environ.get('TIME_ZONE', 'Europe/Berlin')
+LANGUAGE_CODE = os.environ.get('LANGUAGE_CODE', 'de-de')
+SECRET_KEY = os.environ.get("SECRET_KEY")
+STATIC_URL = "%s://cdnjs.cloudflare.com/ajax/libs/" % (os.environ.get('STATIC_URL_PROTOCOL', 'http'))
 ALLOWED_HOSTS = [os.environ.get("ALLOWED_HOSTS", "127.0.0.1"), ]
diff --git a/swiftbrowser/utils.py b/swiftbrowser/utils.py
index cc7834f..f5e43c5 100644
--- a/swiftbrowser/utils.py
+++ b/swiftbrowser/utils.py
@@ -4,7 +4,7 @@
 import hmac
 import string
 import random
-from hashlib import sha1
+from hashlib import sha256
 from urllib.parse import urlparse
 
 from swiftclient import client
@@ -108,7 +108,7 @@ def get_temp_url(storage_url, auth_token, container, objectname, expires=600):
     base = "%s://%s" % (url_parts.scheme, url_parts.netloc)
     hmac_body = 'GET\n%s\n%s' % (expires, path)
     sig = hmac.new(
-        bytes(key, "utf-8"), bytes(hmac_body, "utf-8"), sha1).hexdigest()
+        bytes(key, "utf-8"), bytes(hmac_body, "utf-8"), sha256).hexdigest()
     url = '%s%s?temp_url_sig=%s&temp_url_expires=%s' % (
         base, path, sig, expires)
     return url