diff --git a/src/server/routes.go b/src/server/routes.go
index d7ea6ef..a184494 100644
--- a/src/server/routes.go
+++ b/src/server/routes.go
@@ -5,15 +5,17 @@ import (
 	"log"
 	"math"
 	"net/http"
+	"path/filepath"
 	"reflect"
+	"strings"
 
 	"github.com/nkanaev/yarr/src/assets"
 	"github.com/nkanaev/yarr/src/content/readability"
 	"github.com/nkanaev/yarr/src/content/sanitizer"
 	"github.com/nkanaev/yarr/src/content/silo"
-	"github.com/nkanaev/yarr/src/server/router"
 	"github.com/nkanaev/yarr/src/server/auth"
 	"github.com/nkanaev/yarr/src/server/opml"
+	"github.com/nkanaev/yarr/src/server/router"
 	"github.com/nkanaev/yarr/src/storage"
 	"github.com/nkanaev/yarr/src/worker"
 )
@@ -61,6 +63,12 @@ func (s *Server) handleIndex(c *router.Context) {
 
 func (s *Server) handleStatic(c *router.Context) {
 	// TODO: gzip?
+	// don't serve templates
+	dir, name := filepath.Split(c.Vars["path"])
+	if dir == "" && strings.HasSuffix(name, ".html") {
+		c.Out.WriteHeader(http.StatusNotFound)
+		return
+	}
 	http.StripPrefix(s.BasePath+"/static/", http.FileServer(http.FS(assets.FS))).ServeHTTP(c.Out, c.Req)
 }
 
diff --git a/src/server/routes_test.go b/src/server/routes_test.go
index f2958ec..23d0a53 100644
--- a/src/server/routes_test.go
+++ b/src/server/routes_test.go
@@ -31,3 +31,15 @@ func TestStaticWithBase(t *testing.T) {
 		t.FailNow()
 	}
 }
+
+func TestStaticBanTemplates(t *testing.T) {
+	handler := NewServer(nil, "127.0.0.1:8000").handler()
+	url := "/static/login.html"
+
+	recorder := httptest.NewRecorder()
+	request := httptest.NewRequest("GET", url, nil)
+	handler.ServeHTTP(recorder, request)
+	if recorder.Result().StatusCode != 404 {
+		t.FailNow()
+	}
+}