diff --git a/.env.example.complete b/.env.example.complete
index f31cece20..a42054b6b 100644
--- a/.env.example.complete
+++ b/.env.example.complete
@@ -73,7 +73,6 @@ SESSION_DRIVER=file
 # Session configuration
 SESSION_LIFETIME=120
 SESSION_COOKIE_NAME=bookstack_session
-SESSION_COOKIE_PATH=/
 SESSION_SECURE_COOKIE=false
 
 # Cache key prefix
diff --git a/app/Config/session.php b/app/Config/session.php
index 84916bcd4..c750e1ef9 100644
--- a/app/Config/session.php
+++ b/app/Config/session.php
@@ -59,7 +59,7 @@ return [
     // The session cookie path determines the path for which the cookie will
     // be regarded as available. Typically, this will be the root path of
     // your application but you are free to change this when necessary.
-    'path' => env('SESSION_COOKIE_PATH', '/'),
+    'path' => '/' . (explode('/', env('APP_URL', ''), 4)[3] ?? ''),
 
     // Session Cookie Domain
     // Here you may change the domain of the cookie used to identify a session
diff --git a/tests/Unit/ConfigTest.php b/tests/Unit/ConfigTest.php
index 1374b3aa9..1d4decc2b 100644
--- a/tests/Unit/ConfigTest.php
+++ b/tests/Unit/ConfigTest.php
@@ -59,16 +59,20 @@ class ConfigTest extends TestCase
         $this->assertStringNotContainsString('testing', $output);
     }
 
+    public function test_session_cookie_uses_sub_path_from_app_url()
+    {
+        $this->checkEnvConfigResult('APP_URL', 'https://example.com', 'session.path', '/');
+        $this->checkEnvConfigResult('APP_URL', 'https://a.com/b', 'session.path', '/b');
+        $this->checkEnvConfigResult('APP_URL', 'https://a.com/b/d/e', 'session.path', '/b/d/e');
+        $this->checkEnvConfigResult('APP_URL', '', 'session.path', '/');
+    }
+
     /**
      * Set an environment variable of the given name and value
      * then check the given config key to see if it matches the given result.
      * Providing a null $envVal clears the variable.
-     * @param string $envName
-     * @param string|null $envVal
-     * @param string $configKey
-     * @param string $expectedResult
      */
-    protected function checkEnvConfigResult(string $envName, $envVal, string $configKey, string $expectedResult)
+    protected function checkEnvConfigResult(string $envName, ?string $envVal, string $configKey, string $expectedResult)
     {
         $this->runWithEnv($envName, $envVal, function() use ($configKey, $expectedResult) {
             $this->assertEquals($expectedResult, config($configKey));