diff --git a/src/sbbs3/websrvr.c b/src/sbbs3/websrvr.c
index 0ed12ff337a9e80c731e7a6e63d3b83483a610e2..e3d816cc0f6e2eebf2835b16a2d1a3af243a6199 100644
--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -1751,7 +1751,7 @@ static BOOL check_request(http_session_t * session)
 			,session->socket,path,root_dir);
 		return(FALSE);
 	}
-	if(stat(path,&sb)) {
+	if(stat(path,&sb) || IS_PATH_DELIM(*(lastchar(path)))) {
 		/* Check if sneaky CGI script */
 		if(!check_extra_path(session,path))
 		{