diff --git a/.env.example b/.env.example
index ec75300..905775e 100644
--- a/.env.example
+++ b/.env.example
@@ -10,8 +10,6 @@ TINYAUTH_DATABASEPATH="/data/tinyauth.db"
 TINYAUTH_DISABLEANALYTICS="false"
 # Disable static resource serving
 TINYAUTH_DISABLERESOURCES="false"
-# Disable UI warning messages
-TINYAUTH_DISABLEUIWARNINGS="false"
 
 # Logging Configuration
 
@@ -36,8 +34,6 @@ TINYAUTH_SERVER_PORT="3000"
 TINYAUTH_SERVER_ADDRESS="0.0.0.0"
 # Unix socket path (optional, overrides port/address if set)
 TINYAUTH_SERVER_SOCKETPATH=""
-# Comma-separated list of trusted proxy IPs/CIDRs
-TINYAUTH_SERVER_TRUSTEDPROXIES=""
 
 # Authentication Configuration
 
@@ -55,6 +51,8 @@ TINYAUTH_AUTH_SESSIONMAXLIFETIME="0"
 TINYAUTH_AUTH_LOGINTIMEOUT="300"
 # Maximum login retries before lockout
 TINYAUTH_AUTH_LOGINMAXRETRIES="5"
+# Comma-separated list of trusted proxy IPs/CIDRs
+TINYAUTH_AUTH_TRUSTEDPROXIES=""
 
 # OAuth Configuration
 
@@ -82,6 +80,8 @@ TINYAUTH_UI_TITLE="Tinyauth"
 TINYAUTH_UI_FORGOTPASSWORDMESSAGE="Contact your administrator to reset your password"
 # Background image URL for login page
 TINYAUTH_UI_BACKGROUNDIMAGE=""
+# Disable UI warning messages
+TINYAUTH_UI_DISABLEWARNINGS="false"
 
 # LDAP Configuration
 
diff --git a/internal/bootstrap/router_bootstrap.go b/internal/bootstrap/router_bootstrap.go
index 3ab696a..6773d5f 100644
--- a/internal/bootstrap/router_bootstrap.go
+++ b/internal/bootstrap/router_bootstrap.go
@@ -21,8 +21,8 @@ func (app *BootstrapApp) setupRouter() (*gin.Engine, error) {
 	engine := gin.New()
 	engine.Use(gin.Recovery())
 
-	if len(app.config.Server.TrustedProxies) > 0 {
-		err := engine.SetTrustedProxies(app.config.Server.TrustedProxies)
+	if len(app.config.Auth.TrustedProxies) > 0 {
+		err := engine.SetTrustedProxies(app.config.Auth.TrustedProxies)
 
 		if err != nil {
 			return nil, fmt.Errorf("failed to set trusted proxies: %w", err)
@@ -71,7 +71,7 @@ func (app *BootstrapApp) setupRouter() (*gin.Engine, error) {
 		ForgotPasswordMessage: app.config.UI.ForgotPasswordMessage,
 		BackgroundImage:       app.config.UI.BackgroundImage,
 		OAuthAutoRedirect:     app.config.OAuth.AutoRedirect,
-		DisableUIWarnings:     app.config.DisableUIWarnings,
+		DisableUIWarnings:     app.config.UI.DisableWarnings,
 	}, apiRouter)
 
 	contextController.SetupRoutes()
diff --git a/internal/config/config.go b/internal/config/config.go
index 7e40e45..8b9be23 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -15,28 +15,26 @@ var RedirectCookieName = "tinyauth-redirect"
 // Main app config
 
 type Config struct {
-	AppURL            string             `description:"The base URL where the app is hosted." yaml:"appUrl"`
-	ResourcesDir      string             `description:"The directory where resources are stored." yaml:"resourcesDir"`
-	DatabasePath      string             `description:"The path to the database file." yaml:"databasePath"`
-	DisableAnalytics  bool               `description:"Disable analytics." yaml:"disableAnalytics"`
-	DisableResources  bool               `description:"Disable resources server." yaml:"disableResources"`
-	DisableUIWarnings bool               `description:"Disable UI warnings." yaml:"disableUIWarnings"`
-	Server            ServerConfig       `description:"Server configuration." yaml:"server"`
-	Auth              AuthConfig         `description:"Authentication configuration." yaml:"auth"`
-	Apps              map[string]App     `description:"Application ACLs configuration." yaml:"apps"`
-	OAuth             OAuthConfig        `description:"OAuth configuration." yaml:"oauth"`
-	OIDC              OIDCConfig         `description:"OIDC configuration." yaml:"oidc"`
-	UI                UIConfig           `description:"UI customization." yaml:"ui"`
-	Ldap              LdapConfig         `description:"LDAP configuration." yaml:"ldap"`
-	Experimental      ExperimentalConfig `description:"Experimental features, use with caution." yaml:"experimental"`
-	Log               LogConfig          `description:"Logging configuration." yaml:"log"`
+	AppURL           string             `description:"The base URL where the app is hosted." yaml:"appUrl"`
+	ResourcesDir     string             `description:"The directory where resources are stored." yaml:"resourcesDir"`
+	DatabasePath     string             `description:"The path to the database file." yaml:"databasePath"`
+	DisableAnalytics bool               `description:"Disable analytics." yaml:"disableAnalytics"`
+	DisableResources bool               `description:"Disable resources server." yaml:"disableResources"`
+	Server           ServerConfig       `description:"Server configuration." yaml:"server"`
+	Auth             AuthConfig         `description:"Authentication configuration." yaml:"auth"`
+	Apps             map[string]App     `description:"Application ACLs configuration." yaml:"apps"`
+	OAuth            OAuthConfig        `description:"OAuth configuration." yaml:"oauth"`
+	OIDC             OIDCConfig         `description:"OIDC configuration." yaml:"oidc"`
+	UI               UIConfig           `description:"UI customization." yaml:"ui"`
+	Ldap             LdapConfig         `description:"LDAP configuration." yaml:"ldap"`
+	Experimental     ExperimentalConfig `description:"Experimental features, use with caution." yaml:"experimental"`
+	Log              LogConfig          `description:"Logging configuration." yaml:"log"`
 }
 
 type ServerConfig struct {
-	Port           int      `description:"The port on which the server listens." yaml:"port"`
-	Address        string   `description:"The address on which the server listens." yaml:"address"`
-	SocketPath     string   `description:"The path to the Unix socket." yaml:"socketPath"`
-	TrustedProxies []string `description:"Comma-separated list of trusted proxy addresses." yaml:"trustedProxies"`
+	Port       int    `description:"The port on which the server listens." yaml:"port"`
+	Address    string `description:"The address on which the server listens." yaml:"address"`
+	SocketPath string `description:"The path to the Unix socket." yaml:"socketPath"`
 }
 
 type AuthConfig struct {
@@ -48,6 +46,7 @@ type AuthConfig struct {
 	SessionMaxLifetime int      `description:"Maximum session lifetime in seconds." yaml:"sessionMaxLifetime"`
 	LoginTimeout       int      `description:"Login timeout in seconds." yaml:"loginTimeout"`
 	LoginMaxRetries    int      `description:"Maximum login retries." yaml:"loginMaxRetries"`
+	TrustedProxies     []string `description:"Comma-separated list of trusted proxy addresses." yaml:"trustedProxies"`
 }
 
 type IPConfig struct {
@@ -71,6 +70,7 @@ type UIConfig struct {
 	Title                 string `description:"The title of the UI." yaml:"title"`
 	ForgotPasswordMessage string `description:"Message displayed on the forgot password page." yaml:"forgotPasswordMessage"`
 	BackgroundImage       string `description:"Path to the background image." yaml:"backgroundImage"`
+	DisableWarnings       bool   `description:"Disable UI warnings." yaml:"disableWarnings"`
 }
 
 type LdapConfig struct {