diff --git a/packages/auth/src/redis/utils.js b/packages/auth/src/redis/utils.js
index 03d1d02e5b..efdd2aa48d 100644
--- a/packages/auth/src/redis/utils.js
+++ b/packages/auth/src/redis/utils.js
@@ -32,6 +32,9 @@ exports.getRedisOptions = (clustered = false) => {
 }
 
 exports.addDbPrefix = (db, key) => {
+  if (key.includes(db)) {
+    return key
+  }
   return `${db}${SEPARATOR}${key}`
 }
 
diff --git a/packages/server/src/api/controllers/dev.js b/packages/server/src/api/controllers/dev.js
index ae9ffa2a8c..23132ea724 100644
--- a/packages/server/src/api/controllers/dev.js
+++ b/packages/server/src/api/controllers/dev.js
@@ -2,7 +2,6 @@ const fetch = require("node-fetch")
 const env = require("../../environment")
 const { checkSlashesInUrl } = require("../../utilities")
 const { request } = require("../../utilities/workerRequests")
-const { getGlobalIDFromUserMetadataID } = require("../../db/utils")
 const { clearLock } = require("../../utilities/redis")
 
 async function redirect(ctx, method) {
@@ -35,7 +34,7 @@ exports.redirectDelete = async ctx => {
   await redirect(ctx, "DELETE")
 }
 
-exports.removeLock = async ctx => {
+exports.clearLock = async ctx => {
   const { appId } = ctx.params
   try {
     await clearLock(appId, ctx.user)
diff --git a/packages/server/src/api/routes/dev.js b/packages/server/src/api/routes/dev.js
index 6513cafeb2..50a97cb345 100644
--- a/packages/server/src/api/routes/dev.js
+++ b/packages/server/src/api/routes/dev.js
@@ -16,7 +16,7 @@ if (env.isDev() || env.isTest()) {
 router.delete(
   "/api/dev/:appId/lock",
   authorized(BUILDER),
-  controller.removeLock
+  controller.clearLock
 )
 
 module.exports = router
diff --git a/packages/server/src/middleware/authorized.js b/packages/server/src/middleware/authorized.js
index 99163fc321..339b1160da 100644
--- a/packages/server/src/middleware/authorized.js
+++ b/packages/server/src/middleware/authorized.js
@@ -41,9 +41,10 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {
   }
 
   const builderCall = permType === PermissionTypes.BUILDER
-
+  const referer = ctx.headers["referer"]
+  const editingApp = referer ? referer.includes(ctx.appId) : false
   // this makes sure that builder calls abide by dev locks
-  if (builderCall) {
+  if (builderCall && editingApp) {
     await checkDevAppLocks(ctx)
   }