diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..e764ba6
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,16 @@
+# Git
+.git
+.gitignore
+
+# Python
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+.venv/
+venv/
+env/
+
+# IDE/Editor
+.vscode/
+.idea/
\ No newline at end of file
diff --git a/dockerfile b/dockerfile
index 4824785..4d44f5e 100644
--- a/dockerfile
+++ b/dockerfile
@@ -1,4 +1,5 @@
-FROM python:3.11-slim-bookworm
+# Builder stage
+FROM python:3.11-slim-bookworm as builder
 
 RUN apt-get update && apt-get install -y --no-install-recommends \
     libglib2.0-0 \
@@ -13,8 +14,14 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 WORKDIR /app
 
 COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
+RUN pip install --no-cache-dir --prefix=/install -r requirements.txt
 
+# Final stage
+FROM python:3.11-slim-bookworm as final
+
+WORKDIR /app
+
+COPY --from=builder /install /usr/local
 COPY . .
 
 RUN chmod +x run.sh
@@ -22,6 +29,10 @@ RUN chmod +x run.sh
 ARG VERSION
 RUN echo $VERSION > VERSION
 
+# Create a non-root user
+RUN useradd --create-home appuser
+USER appuser
+
 EXPOSE 5000
 
 ENV FLASK_ENV production