diff --git a/server/middleware/ip-restriction.js b/server/middleware/ip-restriction.js
index 727d018..da880dc 100644
--- a/server/middleware/ip-restriction.js
+++ b/server/middleware/ip-restriction.js
@@ -135,7 +135,7 @@ class IPRestrictionMiddleware {
     }
 
     // Fallback to connection IP
-    return req.connection.remoteAddress || req.socket.remoteAddress || req.ip || 'unknown';
+    return req.connection?.remoteAddress || req.socket?.remoteAddress || req.ip || 'unknown';
   }
 
   /**
@@ -224,7 +224,7 @@ class IPRestrictionMiddleware {
       console.log('🔍 IP Restriction - Request headers:', {
         'x-forwarded-for': req.headers['x-forwarded-for'],
         'x-real-ip': req.headers['x-real-ip'],
-        'remote-address': req.connection.remoteAddress
+        'remote-address': req.connection?.remoteAddress
       });
       
       // Parse allowed IPs (convert string to array)
diff --git a/server/middleware/multi-tenant-auth.js b/server/middleware/multi-tenant-auth.js
index 0063933..36df906 100644
--- a/server/middleware/multi-tenant-auth.js
+++ b/server/middleware/multi-tenant-auth.js
@@ -44,6 +44,7 @@ class MultiTenantAuth {
   async determineTenant(req) {
     // Method 1: From authenticated user (highest priority)
     if (req.user && req.user.tenantId) {
+      console.log('🏢 Tenant from req.user.tenantId:', req.user.tenantId);
       return req.user.tenantId;
     }
 
@@ -68,9 +69,11 @@ class MultiTenantAuth {
 
     // Method 4: x-forwarded-host header (for proxied requests)
     const forwardedHost = req.headers['x-forwarded-host'];
+    console.log('🏢 x-forwarded-host header:', forwardedHost);
     if (forwardedHost) {
       const subdomain = forwardedHost.split('.')[0];
       if (subdomain && subdomain !== 'www' && subdomain !== 'api' && !subdomain.includes(':')) {
+        console.log('🏢 Tenant from x-forwarded-host:', subdomain);
         return subdomain;
       }
     }
@@ -86,7 +89,9 @@ class MultiTenantAuth {
 
     // Method 6: URL path (/tenant2/api/...)
     const pathSegments = (req.path || req.url || '').split('/').filter(segment => segment);
+    console.log('🏢 URL path segments:', pathSegments, 'from path:', req.path, 'or url:', req.url);
     if (pathSegments.length > 0 && pathSegments[0] !== 'api') {
+      console.log('🏢 Tenant from URL path:', pathSegments[0]);
       return pathSegments[0];
     }
 
@@ -97,9 +102,11 @@ class MultiTenantAuth {
 
     // Return null for localhost without tenant info
     if (hostname && hostname.startsWith('localhost')) {
+      console.log('🏢 Localhost detected, returning null');
       return null;
     }
 
+    console.log('🏢 No tenant determined, returning null');
     // Default to null
     return null;
   }