diff --git a/deploy-security-fixes.sh b/deploy-security-fixes.sh
new file mode 100644
index 0000000..0a459b9
--- /dev/null
+++ b/deploy-security-fixes.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# LittleShop Security Fixes Deployment Script
+# Run this script on the Hostinger VPS to deploy the fixed Docker image
+
+set -e  # Exit on any error
+
+echo "🚀 Starting LittleShop Security Fixes Deployment..."
+echo "📅 $(date)"
+
+# Change to the LittleShop directory
+cd /root/LittleShop
+
+echo "📦 Pulling latest code with security fixes..."
+git pull origin main
+
+echo "🐳 Stopping current containers..."
+docker-compose down
+
+echo "🔨 Building new Docker image with security fixes..."
+docker build -t localhost:5000/littleshop:security-fixed-v2 .
+
+echo "🏷️ Tagging as latest..."
+docker tag localhost:5000/littleshop:security-fixed-v2 localhost:5000/littleshop:latest
+
+echo "🚀 Starting updated containers..."
+docker-compose up -d
+
+echo "⏳ Waiting for containers to start..."
+sleep 10
+
+echo "🔍 Checking container status..."
+docker ps | grep littleshop
+
+echo "🏥 Health check..."
+timeout 30 bash -c 'until curl -f http://localhost:8080/health; do sleep 2; done' || echo "Health check timeout - checking logs..."
+
+echo "📋 Container logs (last 20 lines):"
+docker logs littleshop-admin --tail 20
+
+echo "✅ Deployment script completed!"
+echo "🌐 Application should be available at: http://srv1002428.hstgr.cloud:8080"
+echo ""
+echo "Security fixes applied:"
+echo "- ✅ Fixed exception exposure in AuthController"
+echo "- ✅ Re-enabled JWT validation with environment checks"
+echo "- ✅ Enhanced rate limiting for anonymous endpoints"
+echo "- ✅ Fixed Dockerfile user permission issues"
+echo "- ✅ Simplified container permissions to prevent crashes"
\ No newline at end of file