diff --git a/app/Http/Controllers/ModalController.php b/app/Http/Controllers/ModalController.php
index 61a3cf10b6..795dc25531 100644
--- a/app/Http/Controllers/ModalController.php
+++ b/app/Http/Controllers/ModalController.php
@@ -6,15 +6,43 @@ use App\Helpers\Helper;
 class ModalController extends Controller
 {
-    function show($type, $itemId = null) {
-        $view = view("modals.${type}");
-        if($type == "statuslabel") {
-            $view->with('statuslabel_types', Helper::statusTypeList());
+    /**
+     * Load the modal views after confirming they are in the allowed_types array.
+     * The allowed types away just prevents shithead skiddies from fuzzing the urls
+     * with automated scripts and junking up the logs. - snipe
+     */
+    function show ($type, $itemId = null) {
+
+        $allowed_types = [
+            'category',
+            'kit-model',
+            'kit-license',
+            'kit-consumable',
+            'kit-accessory',
+            'location',
+            'manufacturer',
+            'model',
+            'statuslabel',
+            'supplier',
+            'upload-file',
+            'user',
+        ];
+
+
+        if (in_array($type, $allowed_types)) {
+            $view = view("modals.${type}");
+
+            if ($type == "statuslabel") {
+                $view->with('statuslabel_types', Helper::statusTypeList());
+            }
+            if (in_array($type, ['kit-model', 'kit-license', 'kit-consumable', 'kit-accessory'])) {
+                $view->with('kitId', $itemId);
+            }
+            return $view;
         }
-        if(in_array($type, ['kit-model', 'kit-license', 'kit-consumable', 'kit-accessory'])) {
-            $view->with('kitId', $itemId);
-        }
-        return $view;
+
+        abort(404,'Page not found');
+
     }
 }
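Review bot: The allowlist gate that decides which view name gets built uses loose comparison in both `if (in_array($type, $allowed_types))` and `if ($type == "statuslabel")`; since this check is the only thing between a route parameter and `view("modals.${type}")`, it should be strict: `if (in_array($type, $allowed_types, true))` and `if ($type === 'statuslabel')`, and the inner kit-type `in_array` gets the same `true` argument. The `"modals.${type}"` interpolation form is deprecated as of PHP 8.2 and `"modals.{$type}"` is the drop-in equivalent (the same form appears on the removed line, so this predates the commit). The method also has no visibility modifier or parameter types; `public function show(string $type, $itemId = null)` states what the allowlist already assumes about `$type`, while the type of `$itemId` depends on the route definition, which is outside this hunk. The docblock could state the contract more plainly, e.g. `Render the modal view for an allow-listed $type, or abort with 404 for anything else.`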