diff --git a/client/src/pages/Settings.jsx b/client/src/pages/Settings.jsx
index 0b3854b..d415c84 100644
--- a/client/src/pages/Settings.jsx
+++ b/client/src/pages/Settings.jsx
@@ -480,6 +480,7 @@ const SecuritySettings = ({ tenantConfig, onRefresh }) => {
   const handleSave = async () => {
     setSaving(true);
     try {
+      console.log('🔒 Sending security settings:', securitySettings);
       await api.put('/tenant/security', securitySettings);
       toast.success('Security settings updated successfully');
       if (onRefresh) onRefresh();
diff --git a/server/routes/tenant.js b/server/routes/tenant.js
index 5e8f26b..ee39fed 100644
--- a/server/routes/tenant.js
+++ b/server/routes/tenant.js
@@ -259,8 +259,11 @@ router.put('/branding', authenticateToken, requirePermissions(['branding.edit'])
  */
 router.put('/security', authenticateToken, requirePermissions(['security.edit']), async (req, res) => {
   try {
+    console.log('🔒 Security settings update request:', req.body);
+    
     // Determine tenant from request
     const tenantId = await multiAuth.determineTenant(req);
+    console.log('🔍 Security update - tenant:', tenantId);
     if (!tenantId) {
       return res.status(400).json({
         success: false,
@@ -276,6 +279,12 @@ router.put('/security', authenticateToken, requirePermissions(['security.edit'])
       });
     }
 
+    console.log('🔍 Current tenant settings:', {
+      ip_restriction_enabled: tenant.ip_restriction_enabled,
+      ip_whitelist: tenant.ip_whitelist,
+      ip_restriction_message: tenant.ip_restriction_message
+    });
+
     const { ip_restriction_enabled, ip_whitelist, ip_restriction_message } = req.body;
 
     // Validate IP whitelist if provided
@@ -295,15 +304,26 @@ router.put('/security', authenticateToken, requirePermissions(['security.edit'])
     const updates = {};
     if (typeof ip_restriction_enabled === 'boolean') {
       updates.ip_restriction_enabled = ip_restriction_enabled;
+      console.log('🔧 Setting ip_restriction_enabled to:', ip_restriction_enabled);
     }
     if (ip_whitelist) {
       updates.ip_whitelist = ip_whitelist;
+      console.log('🔧 Setting ip_whitelist to:', ip_whitelist);
     }
     if (ip_restriction_message) {
       updates.ip_restriction_message = ip_restriction_message;
+      console.log('🔧 Setting ip_restriction_message to:', ip_restriction_message);
     }
 
+    console.log('🔧 Final updates object:', updates);
     await tenant.update(updates);
+    await tenant.reload(); // Refresh the tenant object
+
+    console.log('🔧 After update - tenant settings:', {
+      ip_restriction_enabled: tenant.ip_restriction_enabled,
+      ip_whitelist: tenant.ip_whitelist,
+      ip_restriction_message: tenant.ip_restriction_message
+    });
 
     console.log(`✅ Tenant "${tenantId}" security settings updated by user "${req.user.username}"`);