diff --git a/app/Http/Controllers/PublicController.php b/app/Http/Controllers/PublicController.php
index ebdebf3..528af09 100644
--- a/app/Http/Controllers/PublicController.php
+++ b/app/Http/Controllers/PublicController.php
@@ -14,6 +14,7 @@ use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
 use Illuminate\Foundation\Validation\ValidatesRequests;
 use Illuminate\Routing\Controller as BaseController;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Storage;
 use phpDocumentor\Reflection\Types\Integer;
@@ -44,7 +45,12 @@ class PublicController extends BaseController
     public function listGalleryImagesView($tenant, $gallery) {
         $tenant = Tenant::query()->where("url", "=", $tenant)->firstOrFail();
         $gallery = Gallery::getByTenantAndUrl($tenant->id, $gallery);
-        $images = Image::query()->where("gallery", "=", $gallery->id)->whereNull("deleted_at")->get();
+        if($gallery->status == "online" || ($gallery->status == "preview" && Auth::user()->id == $tenant->owner)) {
+            $images = Image::query()->where("gallery", "=", $gallery->id)->whereNull("deleted_at")->get();
+        } else {
+            abort( 404);
+        }
+
         return view("themes.gallery.gallery-detail.list", ["gallery" => $gallery, "tenant" => $tenant, "images" => $images]);
     }