diff --git a/plume-models/src/instance.rs b/plume-models/src/instance.rs
index 331ecca..52830aa 100644
--- a/plume-models/src/instance.rs
+++ b/plume-models/src/instance.rs
@@ -75,6 +75,19 @@ impl Instance {
             .expect("Couldn't block/unblock instance");
     }
 
+    /// id: AP object id
+    pub fn is_blocked(conn: &PgConnection, id: String) -> bool {
+        for block in instances::table.filter(instances::blocked.eq(true))
+            .get_results::<Instance>(conn)
+            .expect("Error listing blocked instances") {
+            if id.starts_with(format!("https://{}", block.public_domain).as_str()) {
+                return true;
+            }
+        }
+
+        false
+    }
+
     pub fn has_admin(&self, conn: &PgConnection) -> bool {
         users::table.filter(users::instance_id.eq(self.id))
             .filter(users::is_admin.eq(true))
diff --git a/src/routes/instance.rs b/src/routes/instance.rs
index 41243ad..0251ef9 100644
--- a/src/routes/instance.rs
+++ b/src/routes/instance.rs
@@ -155,7 +155,7 @@ fn admin_instances_paginated(admin: Admin, conn: DbConn, page: Page) -> Template
 }
 
 #[get("/admin/instances/<id>/block")]
-fn toggle_block(admin: Admin, conn: DbConn, id: i32) -> Redirect {
+fn toggle_block(_admin: Admin, conn: DbConn, id: i32) -> Redirect {
     if let Some(inst) = Instance::get(&*conn, id) {
         inst.toggle_block(&*conn);
     }
@@ -166,6 +166,13 @@ fn toggle_block(admin: Admin, conn: DbConn, id: i32) -> Redirect {
 #[post("/inbox", data = "<data>")]
 fn shared_inbox(conn: DbConn, data: String) -> String {
     let act: serde_json::Value = serde_json::from_str(&data[..]).unwrap();
+
+    let activity = act.clone();
+    let actor_id = activity["actor"].as_str()
+        .unwrap_or_else(|| activity["actor"]["id"].as_str().expect("No actor ID for incoming activity, blocks by panicking"));
+    if Instance::is_blocked(&*conn, actor_id.to_string()) {
+        return String::new();
+    }
     let instance = Instance::get_local(&*conn).unwrap();
     match instance.received(&*conn, act) {
         Ok(_) => String::new(),
diff --git a/src/routes/user.rs b/src/routes/user.rs
index f2b8aaf..7963256 100644
--- a/src/routes/user.rs
+++ b/src/routes/user.rs
@@ -282,6 +282,13 @@ fn outbox(name: String, conn: DbConn) -> ActivityStream<OrderedCollection> {
 fn inbox(name: String, conn: DbConn, data: String) -> String {
     let user = User::find_local(&*conn, name).unwrap();
     let act: serde_json::Value = serde_json::from_str(&data[..]).unwrap();
+
+    let activity = act.clone();
+    let actor_id = activity["actor"].as_str()
+        .unwrap_or_else(|| activity["actor"]["id"].as_str().expect("User: No actor ID for incoming activity, blocks by panicking"));
+    if Instance::is_blocked(&*conn, actor_id.to_string()) {
+        return String::new();
+    }
     match user.received(&*conn, act) {
         Ok(_) => String::new(),
         Err(e) => {