diff --git a/web/root/login.ssjs b/web/root/login.ssjs
index f397c941ba4ff17c11477015021b35c2c83fd954..2f76959c174e4d2dd945d44168e2f3658a745678 100644
--- a/web/root/login.ssjs
+++ b/web/root/login.ssjs
@@ -1,14 +1,14 @@
-if(user.number==0) {
+if(user.number==0 || user.number==system.matchuser('Guest')) {
 	http_reply.status='401 Permission Denied';
 	http_reply.header["WWW-Authenticate"]='Basic realm="'+system.name+'"';
 }
 else {
 // Note: A 302 here would mean the index would be displayed as "/login.ssjs"
-// That is to say, it would display the indes AS login.ssjs.
+// That is to say, it would display the index AS login.ssjs.
 	// http_reply.status='302 Found';
 	http_reply.status='307 Temporary Redirect';
 }
-http_reply.header.location='../index.ssjs';
+http_reply.header.location='/index.ssjs';
 http_reply.header.pragma='no-cache';
 http_reply.header.expires='0';
 http_reply.header['cache-control']='must-revalidate';