diff --git a/public_html/api/index.php b/public_html/api/index.php
index 480820841044b1be54973e0938f61be555d276be..74a9f2928335ca608a925f929adba69ba048235b 100644
--- a/public_html/api/index.php
+++ b/public_html/api/index.php
@@ -84,6 +84,9 @@
         if(!isset($aReqHeaders['Authorization'])){
             _quit('Access denied. Missing authorization.', 403);
         }         
+        if(!isset($aReqHeaders['Date'])){
+            _quit('Access denied. Missing field "Date:" in the request header.', 403);
+        }         
 
         $sGotHash= preg_replace('/^.*\:/', '', $aReqHeaders['Authorization']);
         $sGotDate= $aReqHeaders['Date'];
@@ -103,7 +106,10 @@
         $iAge=date('U')-date('U', strtotime($sGotDate));
         _wd('Date: '.$sGotDate.' - age: '.$iAge.' sec');
         if($iAge>$iMaxAge){
-            _quit('Access denied. Hash is out of date: '.$iAge. ' sec is older '.$iMaxAge.' sec', 403);
+            _quit('Access denied. Hash is out of date: '.$iAge. ' sec is older '.$iMaxAge.' sec. Maybe client or server is out of sync.', 403);
+        }
+        if($iAge<-$iMaxAge){
+            _quit('Access denied. Hash is '.$iAge. ' sec in future but only '.$iMaxAge.' sec are allowed. Maybe client or server is out of sync.', 403);
         }
         return true;
     }