diff --git a/app/Http/Controllers/BookmarkController.php b/app/Http/Controllers/BookmarkController.php
index a340460b9f..59ffeab36a 100644
--- a/app/Http/Controllers/BookmarkController.php
+++ b/app/Http/Controllers/BookmarkController.php
@@ -7,6 +7,7 @@
 use Auth;
 use Illuminate\Http\Request;
 use App\Services\BookmarkService;
+use App\Services\FollowerService;
 
 class BookmarkController extends Controller
 {
@@ -24,6 +25,16 @@ public function store(Request $request)
 $profile = Auth::user()->profile;
 $status = Status::findOrFail($request->input('item'));
 
+ abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
+
+ if($status->scope == 'private') {
+ abort_if(
+ $profile->id !== $status->profile_id && !FollowerService::follows($profile->id, $status->profile_id),
+ 404,
+ 'Error: Cannot bookmark private posts from accounts you do not follow.'
+ );
+ }
+
 $bookmark = Bookmark::firstOrCreate(
 ['status_id' => $status->id], ['profile_id' => $profile->id]
 );
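Review bot: The private-scope `abort_if` in the second hunk answers 404 but attaches the message 'Error: Cannot bookmark private posts from accounts you do not follow.', which tells a non-follower that the status id exists and is private, while `Status::findOrFail` and the scope allow-list just above answer with a bare 404. If the exception handler renders that message to the client (likely for JSON requests, though the handler is not shown here), a private post becomes distinguishable from a missing one. Dropping the third argument keeps the responses uniform: `abort_if($profile->id !== $status->profile_id && !FollowerService::follows($profile->id, $status->profile_id), 404);`. As a smaller point, the hunk mixes `==` on `$status->scope` and a non-strict `in_array` with `!==` on the ids; `in_array(..., true)` and `===` would make the checks consistent. The body of `store()` starts before and continues after this hunk, so the rest of the bookmark flow is not visible.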