HTTPS: Always serve the app over TLS, especially when session cookies contain sensitive identifiers. However, CommTrackr can operate over HTTP in trusted internal networks or development environments.
Session Store: Use a production‑grade store such as MySQL rather than the default memory store.
Environment Variables: Keep secrets (session.secret, DB credentials) out of source control.
Scaling: Because CommTrackr stores data in the session, ensure your session store is shared across all server instances (e.g., a central MySQL cluster).
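
The four recommendations above can be enforced as a startup check. The following is an added example, not CommTrackr's own code: it builds options in the shape express-session and a MySQL session store such as express-mysql-session accept, and the environment variable names (SESSION_SECRET, DB_*, ALLOW_INSECURE_HTTP) are assumptions chosen for illustration.

```javascript
// Added example. Variable names (SESSION_SECRET, DB_*, ALLOW_INSECURE_HTTP)
// are assumptions for illustration, not CommTrackr's own settings.
function buildSessionConfig(env) {
  const problems = [];

  // Secrets come from the environment, never from source control.
  const secret = env.SESSION_SECRET || '';
  if (secret.length < 32) {
    problems.push('SESSION_SECRET must be at least 32 characters');
  }

  // One MySQL store shared by every server instance.
  const required = { host: 'DB_HOST', user: 'DB_USER', password: 'DB_PASSWORD', database: 'DB_NAME' };
  const storeOptions = { port: Number(env.DB_PORT || 3306) };
  for (const [option, variable] of Object.entries(required)) {
    if (!env[variable]) problems.push(`${variable} is not set`);
    storeOptions[option] = env[variable];
  }

  // Secure cookies by default; plain HTTP needs an explicit opt-in.
  const secure = env.ALLOW_INSECURE_HTTP !== 'true';

  const sessionOptions = {
    secret,
    resave: false,
    saveUninitialized: false,
    cookie: { httpOnly: true, sameSite: 'lax', secure },
  };
  return { sessionOptions, storeOptions, problems };
}

// Refuse to start with an incomplete configuration.
function requireValidConfig(env) {
  const config = buildSessionConfig(env);
  if (config.problems.length > 0) {
    throw new Error('Refusing to start: ' + config.problems.join('; '));
  }
  return config;
}

// Constructed sample environment (not real credentials).
const sampleEnv = {
  SESSION_SECRET: 'constructed-sample-secret-0123456789abcdef',
  DB_HOST: 'mysql.internal.example', DB_USER: 'commtrackr',
  DB_PASSWORD: 'constructed-password', DB_NAME: 'sessions',
};
console.log(requireValidConfig(sampleEnv).sessionOptions.cookie);
```

Setting ALLOW_INSECURE_HTTP to true is the explicit opt-in for the trusted internal network or development case; leaving it unset keeps the session cookie restricted to TLS connections.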