diff --git a/server.js b/server.js
index 27df625..07f94ec 100644
--- a/server.js
+++ b/server.js
@@ -83,6 +83,9 @@ app.get('/getdata', (req, res) => {
 // Handle requests to /cleanup by deleting any data older than 90 days from the datastore
 app.get('/cleanup', (req, res) => {
   // SECURITY CHECK FOR THE CORRECT CRONJOB HEADER GOES HERE!!
+  if (!req.headers['cleanup-key'] || req.headers['cleanup-key'] != process.env.SECRET) {
+    return res.status(401).send('Authorization header not found').end();
+  }
   
   var before = new Date();
   before.setDate(before.getDate()-91);
@@ -96,8 +99,8 @@ app.get('/cleanup', (req, res) => {
         [Op.lt]: before
       }
     }
-  }).then((result) => {
-    res.status(200).send(result).end();
+  }).then((numRows) => {
+    res.status(200).send('Deleted rows: ' + numRows).end();
   });
 });