diff --git a/core/server/api/index.js b/core/server/api/index.js
index cb61a02056..81efc15a13 100644
--- a/core/server/api/index.js
+++ b/core/server/api/index.js
@@ -265,7 +265,7 @@ http = function (apiMethod) {
                 // #### Error
                 var httpErrors = formatHttpErrors(error);
                 // Send a properly formatted HTTP response containing the errors
-                res.json(httpErrors.statusCode, {errors: httpErrors.errors});
+                res.status(httpErrors.statusCode).json({errors: httpErrors.errors});
             });
     };
 };
diff --git a/core/server/errors/index.js b/core/server/errors/index.js
index 81afd19c00..60ffa9ddf5 100644
--- a/core/server/errors/index.js
+++ b/core/server/errors/index.js
@@ -230,14 +230,14 @@ errors = {
                 stack: stack
             }, function (templateErr, html) {
                 if (!templateErr) {
-                    return res.send(code, html);
+                    return res.status(code).send(html);
                 }
                 // There was an error trying to render the error page, output the error
                 self.logError(templateErr, 'Error whilst rendering error page', 'Error template has an error');
 
                 // And then try to explain things to the user...
                 // Cheat and output the error using handlebars escapeExpression
-                return res.send(500,
+                return res.status(500).send(
                     '<h1>Oops, seems there is an an error in the error template.</h1>' +
                     '<p>Encountered the error: </p>' +
                     '<pre>' + hbs.handlebars.Utils.escapeExpression(templateErr.message || templateErr) + '</pre>' +
@@ -268,7 +268,7 @@ errors = {
         if (req.method === 'GET') {
             this.renderErrorPage(404, message, req, res, next);
         } else {
-            res.send(404, message);
+            res.status(404).send(message);
         }
     },
 
@@ -304,7 +304,7 @@ errors = {
                 returnErrors.push(errorContent);
             });
 
-            res.json(statusCode, {errors: returnErrors});
+            res.status(statusCode).json({errors: returnErrors});
         }
     }
 };
diff --git a/core/server/middleware/ghost-busboy.js b/core/server/middleware/ghost-busboy.js
index 14bb88157c..dccba7511d 100644
--- a/core/server/middleware/ghost-busboy.js
+++ b/core/server/middleware/ghost-busboy.js
@@ -64,7 +64,7 @@ function ghostBusBoy(req, res, next) {
 
     busboy.on('error', function (error) {
         console.log('Error', 'Something went wrong parsing the form', error);
-        res.send(500, {code: 500, message: 'Could not parse upload completely.'});
+        res.status(500).send({code: 500, message: 'Could not parse upload completely.'});
     });
 
     busboy.on('field', function (fieldname, val) {
diff --git a/core/server/middleware/index.js b/core/server/middleware/index.js
index 342ad8a7c6..ce0e110c3a 100644
--- a/core/server/middleware/index.js
+++ b/core/server/middleware/index.js
@@ -172,7 +172,7 @@ function checkSSL(req, res, next) {
             // Check if forceAdminSSL: { redirect: false } is set, which means
             // we should just deny non-SSL access rather than redirect
             if (forceAdminSSL && forceAdminSSL.redirect !== undefined && !forceAdminSSL.redirect) {
-                return res.send(403);
+                return res.status(403).end();
             }
 
             redirectUrl = url.parse(config.urlSSL || config.url);
@@ -285,7 +285,7 @@ setupMiddleware = function (server) {
 
     // Body parsing
     expressServer.use(bodyParser.json());
-    expressServer.use(bodyParser.urlencoded());
+    expressServer.use(bodyParser.urlencoded({ extended: true }));
 
     expressServer.use(passport.initialize());
 
diff --git a/core/test/functional/frontend/feed_test.js b/core/test/functional/frontend/feed_test.js
index 22c578e848..816d5de3c8 100644
--- a/core/test/functional/frontend/feed_test.js
+++ b/core/test/functional/frontend/feed_test.js
@@ -61,7 +61,7 @@ CasperTest.begin('Ensures dated permalinks works with RSS', 2, function suite(te
 CasperTest.begin('Ensure that character set is UTF-8 for RSS feed', 1, function suite(test) {
     CasperTest.Routines.togglePermalinks.run('off');
     casper.thenOpen(url + 'rss/', function (response) {
-        test.assertEqual(response.headers.get('Content-Type'), 'text/xml; charset=UTF-8', 'Content type should include UTF-8 character set encoding.');
+        test.assertEqual(response.headers.get('Content-Type'), 'text/xml; charset=utf-8', 'Content type should include UTF-8 character set encoding.');
     });
 }, false);
 
diff --git a/package.json b/package.json
index d396aaf340..09ea2400e0 100644
--- a/package.json
+++ b/package.json
@@ -32,7 +32,7 @@
     "engineStrict": true,
     "dependencies": {
         "bcryptjs": "0.7.10",
-        "body-parser": "1.0.2",
+        "body-parser": "1.6.3",
         "bookshelf": "0.7.6",
         "busboy": "0.2.3",
         "colors": "0.6.2",
@@ -41,7 +41,7 @@
         "connect-slashes": "1.2.0",
         "cookie-parser": "1.0.1",
         "downsize": "0.0.5",
-        "express": "4.1.1",
+        "express": "4.8.3",
         "express-hbs": "0.7.10",
         "express-session": "1.0.4",
         "fs-extra": "0.8.1",