diff --git a/api/server/middleware/validateImageRequest.js b/api/server/middleware/validateImageRequest.js
index 03482b4b118..c0e8e5fe83f 100644
--- a/api/server/middleware/validateImageRequest.js
+++ b/api/server/middleware/validateImageRequest.js
@@ -3,9 +3,14 @@ const jwt = require('jsonwebtoken');
 const { logger } = require('~/config');
 
 /**
- * Middleware to validate image request
+ * Middleware to validate image request.
+ * Must be set by `secureImageLinks` via custom config file.
 */
 function validateImageRequest(req, res, next) {
+ if (!req.app.locals.secureImageLinks) {
+ return next();
+ }
+
 const refreshToken = req.headers.cookie ? cookies.parse(req.headers.cookie).refreshToken : null;
 if (!refreshToken) {
 logger.warn('[validateImageRequest] Refresh token not provided');
diff --git a/api/server/services/AppService.js b/api/server/services/AppService.js
index e4cb416b416..1da6275f8e4 100644
--- a/api/server/services/AppService.js
+++ b/api/server/services/AppService.js
@@ -180,6 +180,7 @@ const AppService = async (app) => {
 fileStrategy,
 fileConfig: config?.fileConfig,
 interface: config?.interface,
+ secureImageLinks: config?.secureImageLinks,
 paths,
 ...endpointLocals,
 };
diff --git a/docs/install/configuration/custom_config.md b/docs/install/configuration/custom_config.md
index b115fd0a2cf..8ae8b6d4d47 100644
--- a/docs/install/configuration/custom_config.md
+++ b/docs/install/configuration/custom_config.md
@@ -203,6 +203,12 @@ This example configuration file sets up LibreChat with detailed options across s
 - **Description**: Determines where to save user uploaded/generated files. Defaults to `"local"` if omitted.
 - **Example**: `fileStrategy: "firebase"`
 
+### Image Links
+- **Key**: `secureImageLinks`
+- **Type**: Boolean
+- **Description**: Whether or not to secure access to image links that are hosted locally by the app. Default: false.
+- **Example**: `secureImageLinks: true`
+
 ### File Configuration
 - **Key**: `fileConfig`
 - **Type**: Object
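Review bot: In validateImageRequest.js the new early `return next()` makes the token check fail open: any falsy `req.app.locals.secureImageLinks` skips validation, and the AppService.js hunk fills that value from `config?.secureImageLinks`, which is `undefined` whenever the custom config is missing or omits the key. The old side of the hunk ran the refresh-token check on every request the middleware saw, so after this change an install with no config entry appears to serve image links unchecked, and nothing in the hunk logs that the check is off. Consider logging once at startup when the flag is not enabled, and rewording the doc comment so it states the behaviour, e.g. `* Skipped (calls next()) unless secureImageLinks is true in the custom config.` The body of validateImageRequest continues past the end of the hunk.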
diff --git a/packages/data-provider/src/config.ts b/packages/data-provider/src/config.ts
index 113866c24d7..7b3f912106f 100644
--- a/packages/data-provider/src/config.ts
+++ b/packages/data-provider/src/config.ts
@@ -189,6 +189,7 @@ export const rateLimitSchema = z.object({
 export const configSchema = z.object({
 version: z.string(),
 cache: z.boolean().optional().default(true),
+ secureImageLinks: z.boolean().optional(),
 interface: z
 .object({
 privacyPolicy: z
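Review bot: `secureImageLinks` is declared as `z.boolean().optional()` with no default, while `cache` on the line above uses `.optional().default(true)` and the documentation added in this commit states the default is false. Writing it as `secureImageLinks: z.boolean().optional().default(false),` would make a parsed config carry an explicit boolean, so the disabled state is a declared default rather than an `undefined` that the middleware happens to treat as falsy. The `configSchema` object continues past the end of the hunk.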