diff --git a/app/Http/Controllers/BotController.php b/app/Http/Controllers/BotController.php
index 846ace8ee16c..5e5994185c87 100644
--- a/app/Http/Controllers/BotController.php
+++ b/app/Http/Controllers/BotController.php
@@ -66,9 +66,9 @@ class BotController extends Controller
                     }
                 // regular chat message
                 } else {
-                    if ($message === 'help') {
+                    if ($text === 'help') {
                         $response = SkypeResponse::message(trans('texts.bot_help_message'));
-                    } elseif ($message == 'status') {
+                    } elseif ($text == 'status') {
                         $response = SkypeResponse::message(trans('texts.intent_not_supported'));
                     } else {
                         if ( ! $user = User::whereBotUserId($botUserId)->with('account')->first()) {
@@ -98,8 +98,7 @@ class BotController extends Controller
 
     private function authenticate($input)
     {
-        $headers = getallheaders();
-        $token = isset($headers['Authorization']) ? $headers['Authorization'] : false;
+        $token = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : false;
 
         if (Utils::isNinjaDev()) {
             // skip validation for testing
@@ -261,6 +260,8 @@ class BotController extends Controller
             return false;
         }
 
+        $token = explode(' ', $token)[1];
+
         // https://blogs.msdn.microsoft.com/tsmatsuz/2016/07/12/developing-skype-bot/
         // 0:Invalid, 1:Valid
         $token_valid = 0;
@@ -319,5 +320,4 @@ class BotController extends Controller
         $res = base64_decode($res);
         return $res;
     }
-
 }
diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
index 43456eaf6ffc..561234f73f24 100644
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -31,6 +31,7 @@ class VerifyCsrfToken extends BaseVerifier
         'reseller_stats',
         'payment_hook/*',
         'buy_now/*',
+        'hook/bot/*',
     ];
 
     /**
diff --git a/app/Ninja/Intents/BaseIntent.php b/app/Ninja/Intents/BaseIntent.php
index a0e6834d7b71..7640e160725d 100644
--- a/app/Ninja/Intents/BaseIntent.php
+++ b/app/Ninja/Intents/BaseIntent.php
@@ -67,7 +67,7 @@ class BaseIntent
 
     public function process()
     {
-        // do nothing by default
+        throw new Exception(trans('texts.intent_not_supported'));
     }
 
     public function setStateEntities($entityType, $entities)
diff --git a/app/Ninja/Intents/ListProductsIntent.php b/app/Ninja/Intents/ListProductsIntent.php
index fd0700d2faae..bba2fc7720fd 100644
--- a/app/Ninja/Intents/ListProductsIntent.php
+++ b/app/Ninja/Intents/ListProductsIntent.php
@@ -12,7 +12,7 @@ class ListProductsIntent extends ProductIntent
         $account = Auth::user()->account;
         $products = Product::scope()
             ->orderBy('product_key')
-            ->limit(10)
+            ->limit(5)
             ->get()
             ->transform(function($item, $key) use ($account) {
                 $card = $item->present()->skypeBot($account);
diff --git a/app/Ninja/Repositories/ClientRepository.php b/app/Ninja/Repositories/ClientRepository.php
index 753bb0e6f4a8..ae61f37492d7 100644
--- a/app/Ninja/Repositories/ClientRepository.php
+++ b/app/Ninja/Repositories/ClientRepository.php
@@ -144,11 +144,12 @@ class ClientRepository extends BaseRepository
         $clients = Client::scope()->get(['id', 'name', 'public_id']);
 
         foreach ($clients as $client) {
+            $map[$client->id] = $client;
+
             if ( ! $client->name) {
                 continue;
             }
 
-            $map[$client->id] = $client;
             $similar = similar_text($clientNameMeta, metaphone($client->name), $percent);
 
             if ($percent > $max) {
diff --git a/public/.htaccess b/public/.htaccess
index ab45908df822..9d7726d979ef 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -12,7 +12,11 @@
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteRule ^ index.php [L]
-    
+
+    # http://stackoverflow.com/a/20865084/497368
+    RewriteCond %{HTTP:Authorization} .
+    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
     # In case of running InvoiceNinja in a Subdomain like invoiceninja.example.com,
     # you have to enable the following line:
     # RewriteBase /
diff --git a/resources/lang/en/texts.php b/resources/lang/en/texts.php
index a93fbfe0a7a1..7b0b3cb59939 100644
--- a/resources/lang/en/texts.php
+++ b/resources/lang/en/texts.php
@@ -2054,7 +2054,7 @@ $LANG = array(
     'invoice_for_client' => 'Invoice :invoice for :client',
     'intent_not_found' => 'Sorry, I\'m not sure what you\'re asking.',
     'intent_not_supported' => 'Sorry, I\'m not able to do that.',
-    'client_not_found' => 'We weren\'t able to find the client',
+    'client_not_found' => 'I wasn\'t able to find the client',
     'not_allowed' => 'Sorry, you don\'t have the needed permissions',
     'bot_emailed_invoice' => 'Your invoice has been sent.',
     'bot_emailed_notify_viewed' => 'I\'ll email you when it\'s viewed.',
@@ -2070,7 +2070,7 @@ $LANG = array(
     'security_code_email_subject' => 'Security code for Invoice Ninja Bot',
     'security_code_email_line1' => 'This is your Invoice Ninja Bot security code.',
     'security_code_email_line2' => 'Note: it will expire in 10 minutes.',
-    'bot_help_message' => 'We currently support:<br/>• Create\update\email an invoice<br/>• List products<br/>For example:<br/><i>invoice bob for 2 tickets, set the due date to next thursday and the discount to 10 percent</i>',
+    'bot_help_message' => 'I currently support:<br/>• Create\update\email an invoice<br/>• List products<br/>For example:<br/><i>invoice bob for 2 tickets, set the due date to next thursday and the discount to 10 percent</i>',
     'list_products' => 'List Products',
 
 );