diff --git a/src/webauthn/mod.ts b/src/webauthn/mod.ts
index 4d55e20..f8eaf17 100644
--- a/src/webauthn/mod.ts
+++ b/src/webauthn/mod.ts
@@ -1,6 +1,11 @@
 export function getRelyingParty(url: string | URL) {
 	url = new URL(url)
 
+	// Prevent protocol mismatch when server is behind a proxy
+	if (!['localhost', '127.0.0.1', '0.0.0.0'].includes(url.hostname)) {
+		url.protocol = 'https'
+	}
+
 	return {
 		/**
 		 * Human-readable title for your website