diff --git a/backend/src/app.js b/backend/src/app.js
index 0712c5b..8a6be6b 100644
--- a/backend/src/app.js
+++ b/backend/src/app.js
@@ -51,13 +51,14 @@ const limiter = rateLimit({
 });
 app.use(limiter);
 
-// Stricter rate limiting for auth routes
+// Stricter rate limiting for auth routes, but skip low-risk polling endpoint
 const authLimiter = rateLimit({
   windowMs: 15 * 60 * 1000, // 15 minutes
-  max: 200, // Increased to 200 auth requests per 15 minutes for development
+  max: 200, // dev-friendly
   message: 'Too many authentication attempts, please try again later.',
   standardHeaders: true,
   legacyHeaders: false,
+  skip: (req) => (req.path || '') === '/registration-status'
 });
 
 // Middleware
diff --git a/docker-compose.yml b/docker-compose.yml
index 0104125..ab5d9ab 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -13,6 +13,13 @@ services:
       dockerfile: Dockerfile
     environment:
       - REACT_APP_API_URL=https://turftracker.kaspers.us/api
+      # Stabilize CRA dev server behind Traefik (WebSocket + polling)
+      - WDS_SOCKET_HOST=turftracker.kaspers.us
+      - WDS_SOCKET_PORT=443
+      - WDS_SOCKET_PATH=/ws
+      - CHOKIDAR_USEPOLLING=true
+      - WATCHPACK_POLLING=true
+      - WATCHPACK_POLLING_INTERVAL=1000
     volumes:
       - ./frontend:/app
       - /app/node_modules