diff --git a/bugsink/middleware.py b/bugsink/middleware.py
index 27dddf8..4851097 100644
--- a/bugsink/middleware.py
+++ b/bugsink/middleware.py
@@ -9,7 +9,9 @@ from django.utils.translation import get_supported_language_variant
 from django.utils.translation.trans_real import parse_accept_lang_header
 from django.utils import translation
 from django.urls import get_script_prefix
-from django.http import HttpResponseBadRequest
+from django.http import HttpResponseBadRequest, Http404
+
+from bugsink.app_settings import get_settings
 
 
 performance_logger = logging.getLogger("bugsink.performance.views")
@@ -104,6 +106,18 @@ class LoginRequiredMiddleware:
         return login_required(view_func)(request, *view_args, **view_kwargs)
 
 
+class AdminRequiresSettingMiddleware:
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        if request.path.startswith("/admin/") and not get_settings().USE_ADMIN:
+            raise Http404
+
+        return self.get_response(request)
+
+
 class PerformanceStatsMiddleware:
     """TSTTCPW to get some handle on view-performance (mostly for UI views). The direct cause for introducing this is
     that I got sent on a wild goose chase by the Django Debug Toolbar, which reported long (>100ms) CPU times for some
diff --git a/bugsink/settings/default.py b/bugsink/settings/default.py
index 60867ba..528eca8 100644
--- a/bugsink/settings/default.py
+++ b/bugsink/settings/default.py
@@ -139,6 +139,7 @@ MIDDLEWARE = [
     'verbose_csrf_middleware.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
 
+    'bugsink.middleware.AdminRequiresSettingMiddleware',
     'bugsink.middleware.LoginRequiredMiddleware',
 
     # note on ordering: we need request.user, so after AuthenticationMiddleware; and we're not tied to "before
diff --git a/bugsink/settings/development.py b/bugsink/settings/development.py
index 692e7d9..89591b7 100644
--- a/bugsink/settings/development.py
+++ b/bugsink/settings/development.py
@@ -91,8 +91,8 @@ BUGSINK = {
     "BASE_URL": "http://bugsink:8000",  # no trailing slash
     "SITE_TITLE": "Bugsink",  # you can customize this as e.g. "My Bugsink" or "Bugsink for My Company"
 
-    # undocumented feature: this enables links to the admin interface in the header/footer. I'm not sure where the admin
-    # will fit in the final version, so that's why it's not documented.
+    # undocumented feature: this enables the admin interface. I'm not sure where the admin will fit in the final
+    # version, so that's why it's not documented.
     "USE_ADMIN": True,
 
     # In development, I want to be able to upload broken events, so I can test their downstream rendering/processing.