diff --git a/server/server.js b/server/server.js
index 7e2f362f1a..78c20d7dc6 100644
--- a/server/server.js
+++ b/server/server.js
@@ -82,6 +82,8 @@ mongoose.connect(mongoConnectionString, {
   socketTimeoutMS: 45000 // 45 seconds timeout
 });
 
+const isProduction = process.env.NODE_ENV === 'production';
+
 app.use(
   session({
     resave: true,
@@ -91,7 +93,7 @@ app.use(
     name: 'sessionId',
     cookie: {
       httpOnly: true,
-      secure: false,
+      secure: isProduction,
       maxAge: 1000 * 60 * 60 * 24 * 28 // 4 weeks in milliseconds
     },
     store: MongoStore.create({