diff --git a/index.php b/index.php
index a05287d..03989d6 100644
--- a/index.php
+++ b/index.php
@@ -103,6 +103,11 @@ $otherFiles = array();
 
 $realDir = IMAGES_DIR.$shortPath;
 
+if (! is_dir($realDir)) {
+	header("HTTP/1.1 404 Not Found");
+	die("Directory Not Found");
+}
+
 foreach (scandir($realDir) as $file) if ($file != '.' and $file != '..')
 {
 	if (is_dir("$realDir/$file"))
diff --git a/view.php b/view.php
index 33b935f..1f98767 100644
--- a/view.php
+++ b/view.php
@@ -24,6 +24,11 @@ if ($shortPath == '/') $shortPath = '';
 // extra security check to avoid /photos/index/../.. like urls, maybe useless but..
 if (strpos($shortPath, '..') !== false) die(".. found in url");
 
+if (! is_file(IMAGES_DIR.$shortPath)) {
+	header("HTTP/1.1 404 Not Found");
+	die("File Not Found");
+}
+
 $scriptPath = $_SERVER["SCRIPT_NAME"];
 
 // get all images in an array