diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 3f82758d..1cdb92e9 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -197,6 +197,14 @@ jobs:
           ./mvnw clean test
         working-directory: backend
 
+      - name: Upload surefire reports
+        if: always()
+        # Gitea Actions (act_runner) does not implement upload-artifact v4 protocol — pinned per ADR-014. Do NOT upgrade. See #557.
+        uses: actions/upload-artifact@v3
+        with:
+          name: surefire-reports
+          path: backend/target/surefire-reports/
+
   # ─── fail2ban Regex Regression ────────────────────────────────────────────────
   # The filter parses Caddy's JSON access log; a Caddy upgrade that reorders
   # the JSON keys would silently break it (fail2ban-regex would return
diff --git a/backend/pom.xml b/backend/pom.xml
index daa14df3..aa6df656 100644
--- a/backend/pom.xml
+++ b/backend/pom.xml
@@ -273,6 +273,16 @@
 					</profiles>
 				</configuration>
 			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-surefire-plugin</artifactId>
+				<configuration>
+					<forkedProcessTimeoutInSeconds>120</forkedProcessTimeoutInSeconds>
+					<systemPropertyVariables>
+						<junit.jupiter.execution.timeout.default>90 s</junit.jupiter.execution.timeout.default>
+					</systemPropertyVariables>
+				</configuration>
+			</plugin>
 		</plugins>
 	</build>
 
diff --git a/backend/src/test/resources/application.properties b/backend/src/test/resources/application.properties
new file mode 100644
index 00000000..a6b847d2
--- /dev/null
+++ b/backend/src/test/resources/application.properties
@@ -0,0 +1,2 @@
+logging.level.root=WARN
+logging.level.org.raddatz=INFO
diff --git a/frontend/vitest.client-coverage.config.ts b/frontend/vitest.client-coverage.config.ts
index 6aa1614a..dc822281 100644
--- a/frontend/vitest.client-coverage.config.ts
+++ b/frontend/vitest.client-coverage.config.ts
@@ -24,6 +24,8 @@ export default defineConfig({
 		})
 	],
 	test: {
+		testTimeout: 30_000,
+		hookTimeout: 15_000,
 		expect: { requireAssertions: true },
 		browser: {
 			enabled: true,