diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php
index f3011e6ff..af3a2f412 100644
--- a/web/api/app/Controller/AppController.php
+++ b/web/api/app/Controller/AppController.php
@@ -34,6 +34,7 @@ class AppController extends Controller {
 use CrudControllerTrait;
 public $components = [
+ 'Session', // PP - We are going to use SessionHelper to check PHP session vars
 'RequestHandler',
 'Crud.Crud' => [
 'actions' => [
@@ -47,4 +48,21 @@ class AppController extends Controller {
 'listeners' => ['Api', 'ApiTransformation']
 ]
 ];
+
+ //PP - Global beforeFilter function
+ //Zoneminder sets the username session variable
+ // to the logged in user. If this variable is set
+ // then you are logged in
+ // its pretty simple to extend this to also check
+ // for role and deny API access in future
+ public function beforeFilter() {
+ if (!$this->Session->Read('username'))
+ {
+
+ throw new NotFoundException(__('Not Authenticated'));
+ return;
+ }
+
+ }
+
 }
diff --git a/web/api/app/Controller/EventsController.php b/web/api/app/Controller/EventsController.php
index 05a280be3..1afd3be1f 100644
--- a/web/api/app/Controller/EventsController.php
+++ b/web/api/app/Controller/EventsController.php
@@ -37,7 +37,16 @@ class EventsController extends AppController {
 'fields' => array('Name', 'Value')
 ));
 $this->Paginator->settings = array(
- 'limit' => $limit['ZM_WEB_EVENTS_PER_PAGE'],
+ // https://github.com/ZoneMinder/ZoneMinder/issues/995
+ // 'limit' => $limit['ZM_WEB_EVENTS_PER_PAGE'],
+ // PP - 25 events per page which is what the above
+ // default is, is way too low for an API
+ // changing this to 100 so we don't kill ZM
+ // with many event APIs. In future, we can
+ // make a nice ZM_API_ITEMS_PER_PAGE for all pagination
+ // API
+
+ 'limit' => '100',
 'order' => array('StartTime', 'MaxScore'),
 'paramType' => 'querystring',
 'conditions' => $conditions
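Review bot: The unauthenticated branch of `beforeFilter()` throws `NotFoundException`, so a client without a session gets a 404 and cannot tell a missing login from a missing route; `throw new UnauthorizedException(__('Not Authenticated'));` would return 401, and the `return;` after the throw is unreachable and can be dropped. The check only tests that the `username` session key is truthy, so every logged-in user reaches every API action regardless of their ZoneMinder permissions, and if there are installs where authentication is switched off and `username` is never set, the API would be locked out entirely; that is worth confirming. Because the credential is the browser's session cookie, state-changing API actions presumably become reachable cross-site unless a CSRF token or origin check is added. The comment on the `'Session'` line in the first hunk says SessionHelper, but what is loaded there is the Session component.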
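Review bot: The new `'limit' => '100',` passes the page size as a quoted string and hard-codes it; `'limit' => 100,` with an explicit `'maxLimit' => 100,` beside it would keep the type right and make the upper bound on client-requested page sizes visible, which matters because `paramType` is `querystring`. The lookup whose tail is visible at the top of the hunk (`'fields' => array('Name', 'Value')`) looks like it only fed `$limit`, so it may now be a wasted query on every request; it starts outside the hunk, so confirm before removing it. The commented-out old `'limit'` line is already preserved by version control and could be dropped, leaving only the issue link.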