diff --git a/daemon_get.py b/daemon_get.py
index 116c56b1e..245689934 100644
--- a/daemon_get.py
+++ b/daemon_get.py
@@ -305,6 +305,12 @@ def daemon_http_get(self) -> None:
         http_403(self)
         return
 
+    # config.json should not be accessible
+    if self.path.startswith('/config.json'):
+        print('GET HTTP Attempt to get configuration file ' + self.path)
+        http_404(self, 145)
+        return
+
     # php
     if self.path.endswith('.php'):
         print('GET HTTP Attempt to access PHP file ' + self.path)
@@ -314,7 +320,7 @@ def daemon_http_get(self) -> None:
     # py
     if self.path.endswith('.py'):
         print('GET HTTP Attempt to access Python file ' + self.path)
-        http_404(self, 146)
+        http_404(self, 145)
         return
 
     if contains_invalid_chars(str(self.headers)):
diff --git a/daemon_post.py b/daemon_post.py
index 33db6ef48..61cc20295 100644
--- a/daemon_post.py
+++ b/daemon_post.py
@@ -116,6 +116,12 @@ def daemon_http_post(self) -> None:
         http_403(self)
         return
 
+    # config.json should not be accessible
+    if self.path.startswith('/config.json'):
+        print('POST HTTP Attempt to post configuration file ' + self.path)
+        http_404(self, 146)
+        return
+
     # php
     if self.path.endswith('.php'):
         print('POST HTTP Attempt to access PHP file ' + self.path)