diff --git a/community_server/config/bootstrap.php b/community_server/config/bootstrap.php
index 55918ba20..77264ee0a 100644
--- a/community_server/config/bootstrap.php
+++ b/community_server/config/bootstrap.php
@@ -197,7 +197,7 @@ Type::build('timestamp')
 header('Access-Control-Allow-Origin: *');
 header('Access-Control-Allow-Methods: POST, GET, PUT, PATCH, DELETE, OPTIONS');
 header('Access-Control-Allow-Headers: *');
-if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
+if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
     exit(0);
 }
 
diff --git a/community_server/config/routes.php b/community_server/config/routes.php
index 5a537b9c2..322825c87 100644
--- a/community_server/config/routes.php
+++ b/community_server/config/routes.php
@@ -65,7 +65,7 @@ Router::scope('/', function (RouteBuilder $routes) {
             if($entry == 'ElopageWebhook' || $entry == 'AppRequests') {
               return true;
             }
-            if($request->clientIp() == '127.0.0.1' || $request->clientIp() == 'localhost') {
+            if($request->clientIp() == '127.0.0.1' || $request->clientIp() == 'localhost' || $request->clientIp() == '') {
               return true;
             }
             $allowedCaller = Configure::read('API.allowedCaller');