diff --git a/api/base.py b/api/base.py
index 82f25211ff4fd76fab22d7d872266bfabacfe726..e544a58485172f280254326ca52a4485e004e8c1 100644
--- a/api/base.py
+++ b/api/base.py
@@ -34,6 +34,10 @@ class RequestHandler(webapp2.RequestHandler):
         access_token = self.request.headers.get('Authorization', None)
         drone_secret = self.request.headers.get('X-SciTran-Auth', None)
 
+        site_id = config.site_id()
+        if site_id is None:
+            self.abort(503, 'Database not initialized')
+
         # User (oAuth) authentication
         if access_token and self.app.config['oauth2_id_endpoint']:
             cached_token = self.app.db.authtokens.find_one({'_id': access_token})
@@ -63,7 +67,7 @@ class RequestHandler(webapp2.RequestHandler):
                         u = u._replace(query=urllib.urlencode(query, True))
                         provider_avatar = urlparse.urlunparse(u)
                 else:
-                    headers = {'WWW-Authenticate': 'Bearer realm="%s", error="invalid_token", error_description="Invalid OAuth2 token."' % config.site_id()}
+                    headers = {'WWW-Authenticate': 'Bearer realm="%s", error="invalid_token", error_description="Invalid OAuth2 token."' % site_id}
                     self.abort(401, 'invalid oauth2 token', headers=headers)
 
         # 'Debug' (insecure) setting: allow request to act as requested user
@@ -87,7 +91,7 @@ class RequestHandler(webapp2.RequestHandler):
                     self.abort(402, remote_instance + ' is not an authorized remote instance')
             else:
                 self.abort(401, 'no valid SSL client certificate')
-        self.user_site = self.source_site or config.site_id()
+        self.user_site = self.source_site or site_id
 
         self.public_request = not drone_request and not self.uid
 
diff --git a/api/config.py b/api/config.py
index 55abd64ec130e471c5fad81e6cac727c7b1d7a82..7b75869ebd9cbaa741429852c10424568619bed0 100644
--- a/api/config.py
+++ b/api/config.py
@@ -10,7 +10,7 @@ def _get_item(item):
     global last_update, latest_config
     now = datetime.datetime.utcnow()
     if now - last_update > datetime.timedelta(seconds=120) or latest_config is None:
-        latest_config = mongo.db.config.find_one({'latest': True})
+        latest_config = mongo.db.config.find_one({'latest': True}) or {}
         last_update = now
     return latest_config.get(item)
 
diff --git a/api/mongo.py b/api/mongo.py
index 3b6ebe1d4a0a18d32d2c6233be7f2e3dc72ef361..0ba544063027488e7abb537b75107f0703e599ac 100644
--- a/api/mongo.py
+++ b/api/mongo.py
@@ -4,4 +4,4 @@ db = None
 
 def configure_db(db_uri):
     global db
-    db = pymongo.MongoClient(db_uri, j=True).get_default_database()
+    db = pymongo.MongoClient(db_uri, j=True, connectTimeoutMS=2000, serverSelectionTimeoutMS=3000).get_default_database()