diff --git a/src/Blob/Controllers/BlobController.cs b/src/Blob/Controllers/BlobController.cs
index ef88a791b449dc18a04ed868caeba7651539afd7..55e0989bef8808c5dd9eb87f8b252109addfeb7f 100644
--- a/src/Blob/Controllers/BlobController.cs
+++ b/src/Blob/Controllers/BlobController.cs
@@ -1,4 +1,4 @@
-using Coscine.ApiCommons;
+using Coscine.ApiCommons;
 using Coscine.Configuration;
 using Coscine.Database.DataModel;
 using Coscine.Database.Models;
@@ -106,7 +106,7 @@ namespace Coscine.Api.Blob.Controllers
 
             if (user == null || !_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
             {
-                return Forbid("User does not have permission to the resource.");
+                return BadRequest("User does not have permission to the resource.");
             }
 
             if ((resource.Type.DisplayName.ToLower() == "rds" || resource.Type.DisplayName.ToLower() == "rdss3") && resource.ResourceTypeOptionId.HasValue)
@@ -210,6 +210,11 @@ namespace Coscine.Api.Blob.Controllers
                 return checkUser;
             }
 
+            if (resource.Archived == "1")
+            {
+                return BadRequest("The resource is readonly!");
+            }
+
             if (files.Count != 1)
             {
                 return BadRequest($"Only one file can be uploaded per request.");
@@ -277,6 +282,12 @@ namespace Coscine.Api.Blob.Controllers
             {
                 return checkUser;
             }
+
+            if (resource.Archived == "1")
+            {
+                return BadRequest("The resource is readonly!");
+            }
+
             try
             {
                 var resourceTypeOptions = _resourceModel.GetResourceTypeOptions(resource.Id);