diff --git a/app/provision/index.php b/app/provision/index.php
index 5641506965..368cb63ee2 100644
--- a/app/provision/index.php
+++ b/app/provision/index.php
@@ -147,12 +147,12 @@
 			$device_address = substr($_SERVER['HTTP_USER_AGENT'],-14);
 			$device_address = preg_replace("#[^a-fA-F0-9./]#", "", $device_address);
 		}
-    
+
 		//Snom: $userAgent = "Mozilla/4.0 (compatible; snomD785-SIP 10.1.169.16 2010.12-00001-gd311851f1 (Feb 25 2019 - 14:19:43) 00041396D9B4 SXM:0 UXM:0 UXMC:0)"
 		if (substr($_SERVER['HTTP_USER_AGENT'],25,4) == "snom") {
 			$snom_ua = explode(" ", $_SERVER['HTTP_USER_AGENT']);
-		        $device_address = $snom_ua[10];
-		        $device_address = preg_replace("#[^a-fA-F0-9./]#", "", $device_address);
+			$device_address = $snom_ua[10];
+			$device_address = preg_replace("#[^a-fA-F0-9./]#", "", $device_address);
 		}
 
 		//Yealink: 17 digit mac appended to the user agent, so check for a space exactly 17 digits before the end.
@@ -179,7 +179,7 @@
 	}
 
 //get http_domain_filter from global settings only (can't be used per domain)
-	$domain_filter = (new settings(['database' => $database]))->get('provision', 'http_domain_filter', 'true') == 'true' ? true : false;
+	$domain_filter = (new settings(['database' => $database]))->get('provision', 'http_domain_filter', true);
 
 //get the domain_uuid, domain_name, device_name and device_vendor
 	$sql = "select d.device_uuid, d.domain_uuid, d.device_vendor, n.domain_name ";
@@ -234,14 +234,19 @@
 	$settings = new settings(['database' => $database, 'domain_uuid' => $domain_uuid]);
 
 //check if provisioning has been enabled
-	if ($settings->get('provision', 'enabled', 'false') !== "true") {
-		syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR']."] provision attempt but provisioning is not enabled for ".escape($_REQUEST['mac']));
+	if (!$settings->get('provision', 'enabled', false)) {
+		syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR']."] provision attempt but provisioning is ".__line__." not enabled for ".escape($_REQUEST['mac']));
 		http_error('404');
 	}
 
 //get all provision settings
 	$provision = $settings->get('provision', null, []);
 
+//check for a valid match
+	if (empty($device_uuid) && $settings->get('provision', 'auto_insert_enabled', false)) {
+		http_error(403);
+	}
+
 //check the cidr range
 	if (!empty($provision['cidr'])) {
 		$found = false;
diff --git a/app/provision/resources/classes/provision.php b/app/provision/resources/classes/provision.php
index 0db02492eb..fa5c28cb44 100644
--- a/app/provision/resources/classes/provision.php
+++ b/app/provision/resources/classes/provision.php
@@ -339,7 +339,7 @@
 								//checks either device enabled
 									if ($row['device_enabled'] != 'true') {
 										syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR']."] provision attempted but the device is not enabled for ".escape($device_address));
-										if ($this->settings->get('provision','debug', 'false') === 'true') {
+										if ($this->settings->get('provision','debug', false)) {
 											echo "<br/>device disabled<br/>";
 										}
 										else {
@@ -532,7 +532,7 @@
 							unset($templates);
 
 						//device address does not exist in the table so add it
-							if ($this->settings->get('provision','auto_insert_enabled','false') === "true") {
+							if ($this->settings->get('provision','auto_insert_enabled',false)) {
 
 								//get a new primary key
 								$device_uuid = uuid();
@@ -875,14 +875,14 @@
 
 				//get the list of contact directly assigned to the user
 					if (is_uuid($domain_uuid)) {
-						if ($this->settings->get('contact','permissions','false') === "true") {
+						if ($this->settings->get('contact','permissions',false)) {
 							//get the contacts assigned to the groups and add to the contacts array
-								if (is_uuid($device_user_uuid) && $this->settings->get('contact','contact_groups', 'false') === "true") {
+								if (is_uuid($device_user_uuid) && $this->settings->get('contact','contact_groups', false)) {
 									$this->contact_append($contacts, $line, $domain_uuid, $device_user_uuid, 'groups');
 								}
 
 							//get the contacts assigned to the user and add to the contacts array
-								if (is_uuid($device_user_uuid) && $this->settings->get('contact','contact_users', 'false') === "true") {
+								if (is_uuid($device_user_uuid) && $this->settings->get('contact','contact_users', false)) {
 									$this->contact_append($contacts, $line, $domain_uuid, $device_user_uuid, 'users');
 								}
 						}
@@ -891,9 +891,13 @@
 								$this->contact_append($contacts, $line, $domain_uuid, null, 'all');
 						}
 					}
-
+echo "device_uuid $device_uuid<br />\n";
+echo "domain_uuid $domain_uuid<br />\n";
+echo "contact_extensions ". $this->settings->get('provision','contact_extensions',false);
+//exit;
 				//get the extensions and add them to the contacts array
-					if (is_uuid($device_uuid) && is_uuid($domain_uuid) && $this->settings->get('provision','contact_extensions','false') === "true") {
+					if (is_uuid($device_uuid) && is_uuid($domain_uuid) && $this->settings->get('provision','contact_extensions',false)) {
+
 						//get contacts from the database
 							$sql = "select extension_uuid as contact_uuid, directory_first_name, directory_last_name, ";
 							$sql .= "effective_caller_id_name, effective_caller_id_number, ";
@@ -905,6 +909,7 @@
 							$sql .= "order by number_alias, extension asc ";
 							$parameters['domain_uuid'] = $domain_uuid;
 							$extensions = $this->database->select($sql, $parameters, 'all');
+view_array($extensions);
 							if (is_array($extensions) && sizeof($extensions) != 0) {
 								foreach ($extensions as $row) {
 									//get the contact_uuid
@@ -985,7 +990,7 @@
 							if (!empty($device_keys[$type]) && is_array($device_keys[$type])) {
 								foreach($device_keys[$type] as $row) {
 									//get the variables
-									$device_key_line = $row['device_key_line'];	
+									$device_key_line = $row['device_key_line'];
 									$device_key_id = $row['device_key_id'];
 									$device_key_value = $row['device_key_value'];
 									$device_key_extension = $row['device_key_extension'];
@@ -1212,7 +1217,7 @@
 						//make sure the file exists
 						if (!file_exists($template_dir."/".$device_template ."/".$file)) {
 							$this->http_error('404');
-							if ($this->settings->get('provision','debug','false') === 'true') {
+							if ($this->settings->get('provision','debug',false)) {
 								echo ":$template_dir/$device_template/$file<br/>";
 								echo "template_dir: $template_dir<br/>";
 								echo "device_template: $device_template<br/>";
@@ -1226,7 +1231,7 @@
 					$file_contents = $view->render($file);
 
 				//log file for testing
-					if ($this->settings->get('provision','debug','false') === 'true') {
+					if ($this->settings->get('provision','debug',false)) {
 						$tmp_file = "/tmp/provisioning_log.txt";
 						$fh = fopen($tmp_file, 'w') or die("can't open file");
 						$tmp_string = $device_address."\n";
@@ -1235,6 +1240,7 @@
 					}
 
 					$this->file = $file;
+
 				//returned the rendered template
 					return $file_contents;