diff --git a/.env.sample b/.env.sample
index c39ac12..80942fe 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,2 +1,5 @@
 SECRET_KEY=
 REDIS_URL=
+DOMAIN=
+ENVIRONMENT=
+EXCLUDE_HEADERS=
diff --git a/callbacks/views.py b/callbacks/views.py
index a9c45fa..fba6da6 100644
--- a/callbacks/views.py
+++ b/callbacks/views.py
@@ -4,6 +4,7 @@ from django.views.generic import RedirectView, TemplateView, View
 from django.urls import reverse_lazy
 from django.http import HttpResponse
 from django.utils import timezone
+from django.conf import settings
 
 from channels.layers import get_channel_layer
 from asgiref.sync import async_to_sync
@@ -58,7 +59,7 @@ class CallbackView(View):
         request = self.request
         headers = []
         for key, value in request.META.items():
-            if key.startswith("HTTP"):
+            if key.startswith("HTTP") and key not in settings.EXCLUDED_HEADERS:
                 original_header = (
                     key.replace("HTTP_", "").replace("_", "-").capitalize()
                 )
diff --git a/webhook_logger/settings.py b/webhook_logger/settings.py
index d42025f..7178b05 100644
--- a/webhook_logger/settings.py
+++ b/webhook_logger/settings.py
@@ -21,12 +21,14 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = os.environ.get("SECRET_KEY")
+APP_ENV = os.environ.get("ENVIRONMENT", "development")
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-
-ALLOWED_HOSTS = []
-
+if APP_ENV == "development":
+    DEBUG = True
+else:
+    DEBUG = False
+    ALLOWED_HOSTS = [os.environ.get("DOMAIN")]
 
 # Application definition
 
@@ -102,3 +104,6 @@ CHANNEL_LAYERS = {
         "CONFIG": {"hosts": [(os.environ.get("REDIS_URL", "127.0.0.1"), 6379)]},
     }
 }
+
+# Should use the format of request.META
+EXCLUDED_HEADERS = os.environ.get("EXCLUDE_HEADERS", "").split(",")