diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml index da49cac..64d97df 100644 --- a/.github/workflows/docker-build-push.yml +++ b/.github/workflows/docker-build-push.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - lfs: true # WICHTIG: Lädt die echten LFS-Dateien (MaxMind DBs) herunter + lfs: true - name: Get short SHA id: vars @@ -58,6 +58,8 @@ jobs: build-args: | GIT_COMMIT_SHA=${{ steps.vars.outputs.sha }} SENTRY_DSN=${{ secrets.SENTRY_DSN }} + cache-from: type=gha,scope=backend + cache-to: type=gha,mode=max,scope=backend - name: Tag backend with extra_tag (manifest retag) if: ${{ github.event.inputs.extra_tag && github.event.inputs.extra_tag != '' }} @@ -80,10 +82,12 @@ jobs: build-args: | GIT_COMMIT_SHA=${{ steps.vars.outputs.sha }} SENTRY_DSN=${{ secrets.SENTRY_DSN }} + cache-from: type=gha,scope=frontend + cache-to: type=gha,mode=max,scope=frontend - name: Tag frontend with extra_tag (manifest retag) if: ${{ github.event.inputs.extra_tag && github.event.inputs.extra_tag != '' }} run: | docker buildx imagetools create \ -t ${{ env.REGISTRY }}/${{ env.DOCKERHUB_USER_LC }}/utools-frontend:${{ github.event.inputs.extra_tag }} \ - ${{ env.REGISTRY }}/${{ env.DOCKERHUB_USER_LC }}/utools-frontend:${{ steps.vars.outputs.sha }} \ No newline at end of file + ${{ env.REGISTRY }}/${{ env.DOCKERHUB_USER_LC }}/utools-frontend:${{ steps.vars.outputs.sha }} diff --git a/.github/workflows/maxmind-update.yml b/.github/workflows/maxmind-update.yml index 4739482..ad4f994 100644 --- a/.github/workflows/maxmind-update.yml +++ b/.github/workflows/maxmind-update.yml @@ -1,14 +1,13 @@ name: Update MaxMind GeoLite2 DBs on: - workflow_dispatch: # Ermöglicht manuelles Starten + workflow_dispatch: schedule: - cron: '0 0 1 * *' jobs: update-db: runs-on: ubuntu-latest - # Berechtigung, um Änderungen zurück ins Repo zu pushen permissions: contents: write 
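Review bot: The secret passed as a build argument can end up in the layers that the new `cache-to: type=gha,mode=max,scope=backend` line exports, because `mode=max` stores every intermediate layer and the same step passes `SENTRY_DSN=${{ secrets.SENTRY_DSN }}` under `build-args`. If the Dockerfile consumes that argument in an `ARG`, `ENV` or `RUN` line (not visible in this hunk), the value is recorded in the image history and the cached layer metadata, where any later run that can restore the cache can read it. Consider passing it through the action's `secrets:` input and reading it with `RUN --mount=type=secret`, or supplying it at container runtime instead. The frontend hunk (`scope=frontend`) has the same combination. It is also worth confirming which triggers and branches can write these two scopes, since later image builds reuse whatever is stored there.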
@@ -16,71 +15,46 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 with: - lfs: true # Wichtig: LFS-Dateien beim Checkout herunterladen + lfs: true - - name: Download geoipupdate tool + - name: Download latest geoipupdate run: | - # Lade eine spezifische Version oder die neueste herunter - GEOIPUPDATE_VERSION="4.11.1" - wget "https://github.com/maxmind/geoipupdate/releases/download/v${GEOIPUPDATE_VERSION}/geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz" - tar -zxvf "geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz" - # Verschiebe das Binary in einen bekannten Pfad und mache es ausführbar + GEOIPUPDATE_VERSION=$(curl -fsSL https://api.github.com/repos/maxmind/geoipupdate/releases/latest | jq -r '.tag_name | ltrimstr("v")') + echo "Installing geoipupdate v${GEOIPUPDATE_VERSION}" + wget -q "https://github.com/maxmind/geoipupdate/releases/download/v${GEOIPUPDATE_VERSION}/geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz" + tar -xzf "geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz" sudo mv "geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64/geoipupdate" /usr/local/bin/ - sudo chmod +x /usr/local/bin/geoipupdate - # Überprüfe die Version geoipupdate -V - name: Create GeoIP.conf - # Erstellt die Konfigurationsdatei für geoipupdate mit den Secrets run: | - echo "Creating GeoIP.conf..." cat << EOF > GeoIP.conf - # GeoIP.conf file for geoipupdate AccountID ${{ secrets.MAXMIND_ACCOUNT_ID }} LicenseKey ${{ secrets.MAXMIND_LICENSE_KEY }} - - # Specify the editions to download EditionIDs GeoLite2-ASN GeoLite2-City EOF - echo "GeoIP.conf created." env: MAXMIND_ACCOUNT_ID: ${{ secrets.MAXMIND_ACCOUNT_ID }} MAXMIND_LICENSE_KEY: ${{ secrets.MAXMIND_LICENSE_KEY }} - name: Run geoipupdate - run: | - echo "Running geoipupdate..." - # Lädt die Datenbanken nach ./backend/data herunter - geoipupdate -f GeoIP.conf -d ./backend/data -v - echo "geoipupdate finished." 
+ run: geoipupdate -f GeoIP.conf -d ./backend/data -v - name: Configure Git and LFS run: | git config --global user.name 'github-actions[bot]' git config --global user.email 'github-actions[bot]@users.noreply.github.com' - # Installiere Git LFS Hooks für diesen Run git lfs install - - name: Track and Commit changes (LFS) + - name: Commit and push updated databases run: | - # Sage Git, dass .mmdb Dateien mit LFS verwaltet werden sollen git lfs track "backend/data/*.mmdb" - - # Füge .gitattributes (hier steht die LFS-Konfiguration drin) hinzu - git add .gitattributes - - # Füge die eigentlichen Datenbank-Dateien hinzu - git add ./backend/data/*.mmdb - - # Prüfe, ob Änderungen zum Committen vorliegen (staged changes) + git add .gitattributes ./backend/data/*.mmdb if git diff --staged --quiet; then echo "No changes detected in MaxMind databases." else - echo "Changes detected. Committing..." - COMMIT_DATE=$(date -u +"%Y-%m-%d") - git commit -m "Update MaxMind GeoLite2 databases (LFS) (${COMMIT_DATE})" + git commit -m "Update MaxMind GeoLite2 databases (LFS) ($(date -u +%Y-%m-%d))" git push - echo "Changes pushed via LFS." fi env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/backend/Dockerfile b/backend/Dockerfile index 48ae9cc..f03970f 100644 --- a/backend/Dockerfile +++ b/backend/Dockerfile @@ -14,8 +14,7 @@ COPY package*.json ./ # Install app dependencies using npm ci for faster, reliable builds # --only=production installs only production dependencies (including 'oui') -RUN npm ci --only=production -# REMOVED: RUN npm i oui (should be installed by npm ci now) +RUN npm ci --omit=dev # Stage 2: Production Image FROM node:24-alpine diff --git a/backend/package.json b/backend/package.json index c0bba6a..bc79eb5 100644 --- a/backend/package.json +++ b/backend/package.json 
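Review bot: The download step now installs whatever release `releases/latest` names at run time and moves the binary into `/usr/local/bin` without any integrity check, in a job that holds `contents: write` and the MaxMind license key. Pinning the version again and verifying the tarball before extraction keeps a changed or replaced release asset from running with those privileges: set `GEOIPUPDATE_VERSION="<PINNED_VERSION>"` and, after the `wget`, run `echo "<EXPECTED_SHA256>  geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz" | sha256sum -c -` (both values are placeholders to fill in from the chosen release). Separately, the `Create GeoIP.conf` step still expands `${{ secrets.MAXMIND_ACCOUNT_ID }}` and `${{ secrets.MAXMIND_LICENSE_KEY }}` directly inside the heredoc while the `env:` entries it defines go unused. Writing `AccountID ${MAXMIND_ACCOUNT_ID}` and `LicenseKey ${MAXMIND_LICENSE_KEY}` there keeps the secret text out of the generated script file.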
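Review bot: The comment directly above the changed `RUN` line still reads `# --only=production installs only production dependencies (including 'oui')`, which no longer matches the command. Update it together with the flag, for example `# --omit=dev skips devDependencies; production dependencies (including 'oui') are still installed`. The build stage this line belongs to starts outside the hunk.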
@@ -9,6 +9,9 @@ "keywords": [], "author": "", "license": "ISC", + "engines": { + "node": ">=24" + }, "dependencies": { "@maxmind/geoip2-node": "^6.0.0", "@sentry/node": "^10.42.0", diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 43f9aac..641d5ee 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -2,7 +2,7 @@ # Aktuell nicht nötig, da wir CDN/statische Dateien haben. # Stage 2: Production Environment using Nginx -FROM nginx:1.25-alpine +FROM nginx:1.27-alpine # Arbeitsverzeichnis im Container (optional, aber gute Praxis) WORKDIR /usr/share/nginx/html