diff --git a/api/server.js b/api/server.js
index 7adb732..69b69cd 100644
--- a/api/server.js
+++ b/api/server.js
@@ -36,8 +36,8 @@ app.use(mongoSanitize()); // Sanitize data
 app.use(helmet()); // Set security headers
 app.use(xss()); // Prevent cross site scripting attacks
 
-const rateLimitMax = process.env.RATE_LIMIT_MAX || 100;
-const rateLimitWindowMs = process.env.RATE_LIMIT_WINDOW_MS || 15 * 60 * 1000; // Default to 15 minutes
+const rateLimitMax = process.env.rate_limit_max || 100;
+const rateLimitWindowMs = process.env.rate_limit_window || 15 * 60 * 1000; // Default to 15 minutes
 
 const limiter = rateLimit({
   windowMs: rateLimitWindowMs, // Use environment variable or default to 15 minutes