diff --git a/src/httpapi/security/client.py b/src/httpapi/security/client.py
index 11ee4f99..71393dec 100644
--- a/src/httpapi/security/client.py
+++ b/src/httpapi/security/client.py
@@ -54,9 +54,10 @@ class ClientAPISecurity:
             """Validate request has set password & is the correct hostname."""
             # For the purpose of preventing DNS rebinding attacks
             localhost = True
-            if request.host != '%s:%s' % \
-                    (client_api.host, client_api.bindPort):
-                localhost = False
+            if client_api.host != '0.0.0.0':
+                if request.host != '%s:%s' % \
+                        (client_api.host, client_api.bindPort):
+                    localhost = False
 
             if not localhost and public_remote_enabled:
                 if request.host not in public_remote_hostnames:
diff --git a/src/netcontroller/torcontrol/__init__.py b/src/netcontroller/torcontrol/__init__.py
index cb9763e6..2e861e6c 100644
--- a/src/netcontroller/torcontrol/__init__.py
+++ b/src/netcontroller/torcontrol/__init__.py
@@ -91,7 +91,7 @@ class NetController:
                     if '100' not in line.decode():
                         logger.info(line.decode().strip(), terminal=True)
                 if 'bootstrapped 100' in line.decode().lower():
-                    logger.info(line.decode())
+                    logger.info(line.decode(), terminal=True)
                     break
                 elif 'opening socks listener' in line.decode().lower():
                     logger.debug(line.decode().replace('\n', ''))