diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 6a99d38b..af6faecb 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -1275,6 +1275,7 @@ function mod_ban_post($board, $delete, $post, $token = false) {
 	if (!hasPermission($config['mod']['delete'], $board))
 		error($config['error']['noaccess']);
 
+
 	$security_token = make_secure_link_token($board . '/ban/' . $post);
 	
 	$query = prepare(sprintf('SELECT ' . ($config['ban_show_post'] ? '*' : '`ip`, `thread`') .
@@ -1288,6 +1289,8 @@ function mod_ban_post($board, $delete, $post, $token = false) {
 	$ip = $_post['ip'];
 
 	if (isset($_POST['new_ban'], $_POST['reason'], $_POST['length'], $_POST['board'])) {
+		if (!in_array($_POST['board'], $mod['boards']) && $mod['boards'][0] != '*')
+			error($config['error']['noaccess']);
 		require_once 'inc/mod/ban.php';
 		
 		if (isset($_POST['ip']))
diff --git a/templates/mod/dashboard.html b/templates/mod/dashboard.html
index 7b907533..052a326f 100644
--- a/templates/mod/dashboard.html
+++ b/templates/mod/dashboard.html
@@ -3,6 +3,7 @@
 	
 	<ul>
 		{% for board in boards %}
+		{% if board.uri in mod.boards or mod.boards[0] == '*' %}
 			<li>
 				<a href="?/{{ config.board_path|sprintf(board.uri) }}{{ config.file_index }}">{{ config.board_abbreviation|sprintf(board.uri) }}</a>
 					 - 
@@ -20,6 +21,7 @@
 					 <a href="?/edit/{{ board.uri }}"><small>[{% trans 'edit' %}]</small></a>
 				{% endif %}
 			</li>
+		{% endif %}
 		{% endfor %}
 		
 		{% if mod|hasPermission(config.mod.newboard) %}