diff --git a/config/confluence.cfg.xml.j2 b/config/confluence.cfg.xml.j2
index 2c8ee9c..bbca7bb 100644
--- a/config/confluence.cfg.xml.j2
+++ b/config/confluence.cfg.xml.j2
@@ -96,5 +96,9 @@
       <property name="hibernate.setup">true</property>
     {% endif %}
 
+    {# Confluence versions 9.1 and newer #}
+    {% if (confluence_version.split(".")[0] | int() == 9 and confluence_version.split(".")[1] | int() >= 1) or confluence_version.split(".")[0] | int() > 9 %}
+        <property name="secure.properties">true</property>
+    {% endif %}
   </properties>
 </confluence-configuration>
diff --git a/tests/test_image.py b/tests/test_image.py
index 3d57d78..ba14a89 100644
--- a/tests/test_image.py
+++ b/tests/test_image.py
@@ -717,3 +717,18 @@ def test_skip_custom_allowlist_secure_vars(docker_cli, image, run_user):
         if rpat.search(line):
             print(line)
             raise EOFError(f"Found unexpected log line")
+
+@pytest.mark.parametrize("version,secure_properties_flag_expected", [('6.9.0', 'false'), ('9.0.1', 'false'), ('9.1.0', 'true'), ('9.2.0', 'true')])
+def test_confluence_xml_secure_properties(docker_cli, image, version, secure_properties_flag_expected):
+    environment = {
+        'CONFLUENCE_VERSION': version,
+    }
+    container = run_image(docker_cli, image, environment=environment)
+
+    xml = parse_xml(container, f'{get_app_home(container)}/confluence.cfg.xml')
+    secure_properties_elements = xml.findall('.//property[@name="secure.properties"]')
+
+    if secure_properties_flag_expected.lower() == 'true'
+        assert secure_properties_elements[0].text == "true"
+    else
+        assert len(secure_properties_elements) == 0
\ No newline at end of file