diff --git a/README.md b/README.md
index 2d9bbd6..321168d 100644
--- a/README.md
+++ b/README.md
@@ -46,7 +46,7 @@ grant all on blog_name.* to blog_user@localhost identified by "password";
 ## Node Dependencies
 ```bash
 npm install express
-npm install express-sessions
+npm install express-session
 npm install mysql
 npm install sanitizer
 npm install promise
@@ -54,5 +54,5 @@ npm install markdown
 npm install markdown-to-html -g
 npm install highlight
 npm install crypto
-npm i express-force-ssl
+npm install express-force-ssl
 ```
diff --git a/server.js b/server.js
index f612259..686dc2f 100644
--- a/server.js
+++ b/server.js
@@ -7,8 +7,6 @@ const http = require('http');
-var https = require('https');
-
 const url = require('url');
 var express = require("express");
@@ -16,12 +14,15 @@ var express = require("express");
 var session = require('express-session');
 const includes = require('./includes/includes.js');
-
-var forceSsl = require('express-force-ssl');
+//
+const utils = require('./utils/utils.js');
+//
+// var forceSsl = require('express-force-ssl');
 var app = express();
-var fs = require('fs');
+// var https = require('https');
+
 //var key = fs.readFileSync('private.key');
 //var cert = fs.readFileSync( 'primary.crt' );
@@ -33,8 +34,7 @@ var fs = require('fs');
 // ca: ca
 // };
-//the secret is different on production
-app.use(session({ secret: 'keyboard cat', cookie: { maxAge: 6000000 }}));
+app.use(session({ secret: utils.getFileContents('../../session_secret'), cookie: { maxAge: 6000000 }}));
 app.use(function(request, res)
 {
@@ -83,6 +83,6 @@ app.use(function(request, res)
 //https.createServer(options, app).listen(443);
-http.createServer(app).listen(80);
+http.createServer(app).listen(8080);
 //app.use(forceSsl);
\ No newline at end of file
diff --git a/utils/sql.js b/utils/sql.js
index 7e1edb0..2b19be1 100644
--- a/utils/sql.js
+++ b/utils/sql.js
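Review bot: Commenting out `forceSsl` in the `server.js` hunk at `@@ -16,12 +14,15 @@`, together with the removed `https` require and the plain `http.createServer(app).listen(8080)` in the last `server.js` hunk, means the session cookie is issued over cleartext HTTP unless a TLS-terminating proxy sits in front of this process, which the diff does not show. If such a proxy exists, a comment should say so, and the app should set `app.set('trust proxy', 1)` and pass `cookie: { secure: true, maxAge: 6000000 }` so the cookie is never sent without TLS. The commented-out `// var forceSsl`, `// var https` and the bare `//` lines are better deleted than kept, since history already holds them.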
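Review bot: In the `server.js` hunk at `@@ -33,8 +34,7 @@`, the `secret:` option now takes whatever `utils.getFileContents('../../session_secret')` returns, and nothing at the call site checks that it is a non-empty string. `getFileContents` is not part of this diff, so a missing file, a Buffer or a trailing newline may end up as the cookie-signing secret without any startup error. I would read it into `const sessionSecret = utils.getFileContents('../../session_secret');` and fail fast with `if (typeof sessionSecret !== 'string' || sessionSecret.trim() === '') throw new Error('session_secret is missing or empty');` before calling `session(...)`. The same check is missing for the `password:` value in the `utils/sql.js` hunk.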
@@ -8,10 +8,12 @@ const crypto = require('crypto');
 const qs = require('querystring');
+const utils = require('../utils/utils.js');
+
 const con = mysql.createConnection({
 host: "localhost",
 user: "blog_user",
- password: "password", //definitely not the password on production
+ password: utils.getFileContents('../../sql_secret'),
 database: "blog_name"
 });
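Review bot: The path `'../../sql_secret'` on the new `password:` line has the same `'../../'` prefix as `'../../session_secret'` in `server.js`, although the two callers live in different directories, so the base directory `getFileContents` resolves against cannot be the calling module's and is not visible in this diff. If it is the process working directory, starting the server from elsewhere would read a different file or none, so I would document the expected location above the line, e.g. `// sql_secret lives two levels above the directory getFileContents resolves from; keep it outside the repository and readable only by the service user`. The new `require('../utils/utils.js')` is issued from inside `utils/` and can be written `require('./utils.js')`.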