diff --git a/packages/components/src/followUpPrompts.ts b/packages/components/src/followUpPrompts.ts
index 2fc2524f4..91be9b69e 100644
--- a/packages/components/src/followUpPrompts.ts
+++ b/packages/components/src/followUpPrompts.ts
@@ -20,7 +20,9 @@ export const generateFollowUpPrompts = async (
 options: ICommonObject
 ) => {
 if (followUpPromptsConfig) {
+ if (!followUpPromptsConfig.status) return undefined
 const providerConfig = followUpPromptsConfig[followUpPromptsConfig.selectedProvider]
+ if (!providerConfig) return undefined
 const credentialId = providerConfig.credentialId as string
 const credentialData = await getCredentialData(credentialId ?? '', options)
 const followUpPromptsPrompt = providerConfig.prompt.replace('{history}', apiMessageContent)
diff --git a/packages/server/src/controllers/predictions/index.ts b/packages/server/src/controllers/predictions/index.ts
index 504d6518a..cda48d17b 100644
--- a/packages/server/src/controllers/predictions/index.ts
+++ b/packages/server/src/controllers/predictions/index.ts
@@ -29,11 +29,13 @@ const createPrediction = async (req: Request, res: Response, next: NextFunction)
 throw new InternalFlowiseError(StatusCodes.NOT_FOUND, `Chatflow ${req.params.id} not found`)
 }
 let isDomainAllowed = true
+ let unauthorizedOriginError = 'This site is not allowed to access this chatbot'
 logger.info(`[server]: Request originated from ${req.headers.origin || 'UNKNOWN ORIGIN'}`)
 if (chatflow.chatbotConfig) {
 const parsedConfig = JSON.parse(chatflow.chatbotConfig)
 // check whether the first one is not empty. if it is empty that means the user set a value and then removed it.
 const isValidAllowedOrigins = parsedConfig.allowedOrigins?.length && parsedConfig.allowedOrigins[0] !== ''
+ unauthorizedOriginError = parsedConfig.allowedOriginsError || 'This site is not allowed to access this chatbot'
 if (isValidAllowedOrigins && req.headers.origin) {
 const originHeader = req.headers.origin
 const origin = new URL(originHeader).host
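Review bot: In generateFollowUpPrompts (followUpPrompts.ts), the added `if (!providerConfig) return undefined` only rejects a missing entry, so a `selectedProvider` that resolves to a non-provider key (for example `status`, which this hunk itself reads as a flag) or to an entry without a string `prompt` still reaches `providerConfig.prompt.replace(...)` and throws. Tightening the guard to `if (!providerConfig || typeof providerConfig.prompt !== 'string') return undefined` keeps the quiet early return for malformed stored config. Separately, `replace('{history}', apiMessageContent)` interprets sequences such as `$&` and `$'` inside the chat history as substitution patterns; `replace('{history}', () => apiMessageContent)` inserts the text literally. The function body continues past the end of the hunk, so how the built prompt is used afterwards is not visible here.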
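Review bot: In createPrediction (first hunk of predictions/index.ts), `parsedConfig.allowedOriginsError` is copied from the stored chatbot config with no type or length check, and the later hunk writes that value into the HTTP response body and the thrown error. A check such as `typeof parsedConfig.allowedOriginsError === 'string' && parsedConfig.allowedOriginsError.length > 0` before the assignment would keep non-string values out, and the default sentence, now spelled twice in this hunk, could live in one constant. It is also worth a comment on `if (isValidAllowedOrigins && req.headers.origin)`: as far as the visible lines show, a request that carries no Origin header leaves `isDomainAllowed` at `true`, so something like `// Origin is optional and client-supplied: this limits browser embedding, it is not authentication` would stop readers treating the allowlist as access control. The function starts and ends outside the hunk.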
@@ -81,7 +83,11 @@ const createPrediction = async (req: Request, res: Response, next: NextFunction)
 return res.json(apiResponse)
 }
 } else {
- throw new InternalFlowiseError(StatusCodes.UNAUTHORIZED, `This site is not allowed to access this chatbot`)
+ const isStreamingRequested = req.body.streaming === 'true' || req.body.streaming === true
+ if (isStreamingRequested) {
+ return res.status(StatusCodes.FORBIDDEN).send(unauthorizedOriginError)
+ }
+ throw new InternalFlowiseError(StatusCodes.FORBIDDEN, unauthorizedOriginError)
 }
 } catch (error) {
 next(error)
diff --git a/packages/ui/src/ui-component/extended/RateLimit.jsx b/packages/ui/src/ui-component/extended/RateLimit.jsx
index fef8063d7..7591083e7 100644
--- a/packages/ui/src/ui-component/extended/RateLimit.jsx
+++ b/packages/ui/src/ui-component/extended/RateLimit.jsx
@@ -30,7 +30,7 @@ const RateLimit = () => {
 const enqueueSnackbar = (...args) => dispatch(enqueueSnackbarAction(...args))
 const closeSnackbar = (...args) => dispatch(closeSnackbarAction(...args))
- const [rateLimitStatus, setRateLimitStatus] = useState(false)
+ const [rateLimitStatus, setRateLimitStatus] = useState(apiConfig?.rateLimit?.status !== undefined ? apiConfig.rateLimit.status : false)
 const [limitMax, setLimitMax] = useState(apiConfig?.rateLimit?.limitMax ?? '')
 const [limitDuration, setLimitDuration] = useState(apiConfig?.rateLimit?.limitDuration ?? '')
 const [limitMsg, setLimitMsg] = useState(apiConfig?.rateLimit?.limitMsg ?? '')
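Review bot: The streaming branch in createPrediction's `else` sends the config-supplied text with `res.status(StatusCodes.FORBIDDEN).send(unauthorizedOriginError)`; assuming `res` is an Express response, `send` with a string defaults the Content-Type to text/html, so any markup stored in `allowedOriginsError` would be served as HTML. Setting the type explicitly avoids that: `return res.status(StatusCodes.FORBIDDEN).type('text/plain').send(unauthorizedOriginError)`. Both paths also move from 401 to 403, which is the more accurate status but is a visible change for clients that matched on 401 and deserves a mention in the release notes. A one-line comment saying why streaming requests answer directly instead of going through `next(error)` would help, since the reason is not visible in this hunk.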
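Review bot: In RateLimit.jsx the new initial value `apiConfig?.rateLimit?.status !== undefined ? apiConfig.rateLimit.status : false` is written differently from the three `??` initialisers directly below it. `useState(apiConfig?.rateLimit?.status ?? false)` matches its neighbours and also maps a stored `null` to `false` instead of putting `null` into the toggle state. The component body continues outside the hunk, so whether `apiConfig` can still be unset on first render is not visible here.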