diff --git a/backend/app/api/v1/setting.go b/backend/app/api/v1/setting.go
index bce6b7113..9280e8abd 100644
--- a/backend/app/api/v1/setting.go
+++ b/backend/app/api/v1/setting.go
@@ -66,6 +66,10 @@ func (b *BaseApi) UpdateSetting(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
+	if req.Key == "SecurityEntrance" {
+		entranceValue := base64.StdEncoding.EncodeToString([]byte(req.Value))
+		c.SetCookie("SecurityEntrance", entranceValue, 0, "", "", false, true)
+	}
 	helper.SuccessWithData(c, nil)
 }
 
diff --git a/backend/init/router/router.go b/backend/init/router/router.go
index 1745bee19..f95b1078d 100644
--- a/backend/init/router/router.go
+++ b/backend/init/router/router.go
@@ -109,6 +109,15 @@ func handleNoRoute(c *gin.Context) {
 	c.Data(statusCode, "text/html; charset=utf-8", data)
 }
 
+func checkSession(c *gin.Context) bool {
+	sId, err := c.Cookie(constant.SessionName)
+	if err != nil {
+		return false
+	}
+	_, err = global.SESSION.Get(sId)
+	return err == nil
+}
+
 func setWebStatic(rootRouter *gin.RouterGroup) {
 	rootRouter.StaticFS("/public", http.FS(web.Favicon))
 	rootRouter.StaticFS("/favicon.ico", http.FS(web.Favicon))
@@ -136,10 +145,15 @@ func setWebStatic(rootRouter *gin.RouterGroup) {
 		})
 	}
 	rootRouter.GET("/", func(c *gin.Context) {
-		if !checkEntrance(c) {
+		if !checkEntrance(c) && !checkSession(c) {
 			handleNoRoute(c)
 			return
 		}
+		entrance = authService.GetSecurityEntrance()
+		if entrance != "" {
+			entranceValue := base64.StdEncoding.EncodeToString([]byte(entrance))
+			c.SetCookie("SecurityEntrance", entranceValue, 0, "", "", false, true)
+		}
 		staticServer := http.FileServer(http.FS(web.IndexHtml))
 		staticServer.ServeHTTP(c.Writer, c.Request)
 	})