diff --git a/src/node/hooks/express.js b/src/node/hooks/express.js
index cb536ef4..5363d331 100644
--- a/src/node/hooks/express.js
+++ b/src/node/hooks/express.js
@@ -1,13 +1,13 @@
-var hooks = require("ep_etherpad-lite/static/js/pluginfw/hooks");
-var express = require('express');
-var settings = require('../utils/Settings');
-var fs = require('fs');
-var path = require('path');
-var npm = require("npm/lib/npm.js");
-var  _ = require("underscore");
+const _ = require('underscore');
+const express = require('express');
+const fs = require('fs');
+const hooks = require('../../static/js/pluginfw/hooks');
+const npm = require('npm/lib/npm');
+const path = require('path');
+const settings = require('../utils/Settings');
 const util = require('util');
 
-var serverName;
+let serverName;
 
 exports.server = null;
 
@@ -33,7 +33,7 @@ exports.createServer = async () => {
     console.warn("Admin username and password not set in settings.json.  To access admin please uncomment and edit 'users' in settings.json");
   }
 
-  var env = process.env.NODE_ENV || 'development';
+  const env = process.env.NODE_ENV || 'development';
 
   if (env !== 'production') {
     console.warn("Etherpad is running in Development mode.  This mode is slower for users and less secure than production mode.  You should set the NODE_ENV environment variable to production by using: export NODE_ENV=production");
@@ -46,30 +46,30 @@ exports.restartServer = async () => {
     await util.promisify(exports.server.close).bind(exports.server)();
   }
 
-  var app = express(); // New syntax for express v3
+  const app = express(); // New syntax for express v3
 
   if (settings.ssl) {
     console.log("SSL -- enabled");
     console.log(`SSL -- server key file: ${settings.ssl.key}`);
     console.log(`SSL -- Certificate Authority's certificate file: ${settings.ssl.cert}`);
 
-    var options = {
+    const options = {
       key: fs.readFileSync( settings.ssl.key ),
       cert: fs.readFileSync( settings.ssl.cert )
     };
 
     if (settings.ssl.ca) {
       options.ca = [];
-      for (var i = 0; i < settings.ssl.ca.length; i++) {
-        var caFileName = settings.ssl.ca[i];
+      for (let i = 0; i < settings.ssl.ca.length; i++) {
+        const caFileName = settings.ssl.ca[i];
         options.ca.push(fs.readFileSync(caFileName));
       }
     }
 
-    var https = require('https');
+    const https = require('https');
     exports.server = https.createServer(options, app);
   } else {
-    var http = require('http');
+    const http = require('http');
     exports.server = http.createServer(app);
   }