diff --git a/main.py b/main.py
index 85710960..bf2051dc 100644
--- a/main.py
+++ b/main.py
@@ -3643,11 +3643,16 @@ async def ws_live_updates(websocket: WebSocket):
     Manages a set of connected browser clients; listens for incoming command messages
     and forwards them to the appropriate plugin client WebSocket.
     """
-    # Require valid session cookie for browser WebSocket
-    token = websocket.cookies.get("session")
-    if not token or not verify_session_cookie(token):
-        await websocket.close(code=4401, reason="Not authenticated")
-        return
+    # Require valid session cookie for browser WebSocket.
+    # Internal Docker network connections (172.x.x.x) are trusted — this allows
+    # the Discord bot and other internal services to connect without a cookie.
+    client_host = websocket.client.host if websocket.client else ""
+    is_internal = client_host.startswith("172.") or client_host in ("127.0.0.1", "::1", "localhost")
+    if not is_internal:
+        token = websocket.cookies.get("session")
+        if not token or not verify_session_cookie(token):
+            await websocket.close(code=4401, reason="Not authenticated")
+            return
 
     global _browser_connections
     # Add new browser client to the set