diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index 0c8b0c11f..edfc5e17b 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -361,7 +361,7 @@ class Context
 		}
 		
 		// start session
-		$relax_key_checks = ((self::$_get_vars->act ?? null) === 'procFileUpload' && preg_match('/shockwave\s?flash/i', $_SERVER['HTTP_USER_AGENT']));
+		$relax_key_checks = ((self::$_get_vars->act ?? null) === 'procFileUpload' && preg_match('/shockwave\s?flash/i', $_SERVER['HTTP_USER_AGENT'] ?? ''));
 		Rhymix\Framework\Session::checkSSO($site_module_info);
 		Rhymix\Framework\Session::start(false, $relax_key_checks);
 
diff --git a/classes/mobile/Mobile.class.php b/classes/mobile/Mobile.class.php
index 0c71b2380..cffaf6b3b 100644
--- a/classes/mobile/Mobile.class.php
+++ b/classes/mobile/Mobile.class.php
@@ -46,7 +46,7 @@ class Mobile
 		// Try to detect from URL arguments and cookies, and finally fall back to user-agent detection.
 		$m = Context::get('m');
 		$cookie = isset($_COOKIE['rx_uatype']) ? $_COOKIE['rx_uatype'] : null;
-		$uahash = base64_encode_urlsafe(md5($_SERVER['HTTP_USER_AGENT'], true));
+		$uahash = base64_encode_urlsafe(md5($_SERVER['HTTP_USER_AGENT'] ?? '', true));
 		if (strncmp($cookie, $uahash . ':', strlen($uahash) + 1) !== 0)
 		{
 			$cookie = null;