diff --git a/app/controllers/file_controller.rb b/app/controllers/file_controller.rb
index bae7b33b..b5d58422 100644
--- a/app/controllers/file_controller.rb
+++ b/app/controllers/file_controller.rb
@@ -5,6 +5,8 @@ require 'instiki_errors'
 class FileController < ApplicationController
 layout 'default'
+
+ before_filter :check_allow_uploads
 def file
 check_path
@@ -43,6 +45,17 @@ class FileController < ApplicationController
 end
 end
+
+ protected
+
+ def check_allow_uploads
+ unless @web.allow_uploads
+ render_text 'File uploads are blocked by the webmaster', '403 Forbidden'
+ return false
+ end
+ end
+
+
 private
 def check_path
diff --git a/test/functional/file_controller_test.rb b/test/functional/file_controller_test.rb
index cc60caa2..0943aa53 100644
--- a/test/functional/file_controller_test.rb
+++ b/test/functional/file_controller_test.rb
@@ -114,4 +114,14 @@ class FileControllerTest < Test::Unit::TestCase
 @home.display_content
 end
+ def test_uploads_blocking
+ @web.allow_uploads = true
+ r = process 'file', 'web' => 'wiki1', 'id' => 'filename'
+ assert_success
+
+ @web.allow_uploads = false
+ r = process 'file', 'web' => 'wiki1', 'id' => 'filename'
+ assert_equal '403 Forbidden', r.headers['Status']
+ end
+
 end
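Review bot: `before_filter :check_allow_uploads` is declared without `:only` or `:except`, so every action in FileController is refused when the web has uploads disabled, presumably including requests that only read an already stored file through `file`. The new test in file_controller_test.rb expects a 403 from `file`, so this looks intended, but nothing in the code says so. I would add a comment above the filter, for example `# Gates every action in this controller, downloads included, on the web's allow_uploads setting.` The class body continues outside the hunk.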
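Review bot: `check_allow_uploads` calls `@web.allow_uploads` without checking that `@web` was resolved. The code that sets `@web` is outside this diff, but if the filter can run for a request naming a web that does not exist, the call raises NoMethodError and the request ends in an unhandled error instead of a clean denial. Changing the condition to `unless @web && @web.allow_uploads` keeps the check fail-closed in that case. A comment above the method, `# Filter: renders 403 and returns false to halt the chain when uploads are disabled for this web.`, would also make the `return false` contract explicit.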
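Review bot: The denial half of `test_uploads_blocking` asserts only the Status header and says nothing about what the response carries. Adding `assert_equal 'File uploads are blocked by the webmaster', r.body` would pin that the filter's message is the whole response. The test also exercises only the `file` action. Since the filter is meant to guard the whole controller, one more request against another action with `@web.allow_uploads = false` would catch a later `:only` or `skip_before_filter` regression.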