diff --git a/api/base64.php b/api/base64.php
index 2b0bb38..364d17a 100644
--- a/api/base64.php
+++ b/api/base64.php
@@ -13,8 +13,7 @@ include_once(ROOT . DS . 'inc' . DS. 'core.php');
 loadAllContentControllers();
 // check if client has permission to upload
-if(defined('ALLOWED_SUBNET') && !isIPInRange( getUserIP(), ALLOWED_SUBNET ))
- exit(json_encode(array('status'=>'err','reason'=> 'Access denied')));
+executeUploadPermission();
 // check write permissions first
 if(!isFolderWritable(ROOT.DS.'data'))
diff --git a/api/geturl.php b/api/geturl.php
index 42c2f77..fdbd727 100644
--- a/api/geturl.php
+++ b/api/geturl.php
@@ -13,8 +13,7 @@ include_once(ROOT . DS . 'inc' . DS. 'core.php');
 loadAllContentControllers();
 // check if client has permission to upload
-if(defined('ALLOWED_SUBNET') && !isIPInRange( getUserIP(), ALLOWED_SUBNET ))
- exit(json_encode(array('status'=>'err','reason'=> 'Access denied')));
+executeUploadPermission();
 // check write permissions first
 if(!isFolderWritable(ROOT.DS.'data'))
diff --git a/api/pastebin.php b/api/pastebin.php
index b50a3db..4c87839 100644
--- a/api/pastebin.php
+++ b/api/pastebin.php
@@ -15,8 +15,7 @@ if(!in_array('TextController',$controllers))
 exit(json_encode(array('status'=>'err','reason'=>'Text controller not enabled')));
 // check if client has permission to upload
-if(defined('ALLOWED_SUBNET') && !isIPInRange( getUserIP(), ALLOWED_SUBNET ))
- exit(json_encode(array('status'=>'err','reason'=> 'Access denied')));
+executeUploadPermission();
 // check write permissions first
 if(!isFolderWritable(ROOT.DS.'data'))
diff --git a/api/upload.php b/api/upload.php
index 06ab2ac..8700057 100644
--- a/api/upload.php
+++ b/api/upload.php
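Review bot: In api/pastebin.php the `executeUploadPermission();` call sits after the `'Text controller not enabled'` exit, so a client outside `ALLOWED_SUBNET` can still receive that configuration message instead of the 403. The api/upload.php hunk has the same ordering, with the `'Temp directory not writable'` exit ahead of the call, whereas base64.php and geturl.php run the permission check before their writability checks. Moving `executeUploadPermission();` ahead of those earlier exits would make all four endpoints deny first and report server state only to permitted clients. The start of each script is outside the hunks, so the exact placement needs checking against the full files.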
@@ -19,8 +19,7 @@ else if(!isFolderWritable(ROOT.DS.'tmp'))
 exit(json_encode(array('status'=>'err','reason'=>'Temp directory not writable')));
 // check if client has permission to upload
-if(defined('ALLOWED_SUBNET') && !isIPInRange( getUserIP(), ALLOWED_SUBNET ))
- exit(json_encode(array('status'=>'err','reason'=> 'Access denied')));
+executeUploadPermission();
 $hash = sanatizeString(trim($_REQUEST['hash']))?sanatizeString(trim($_REQUEST['hash'])):false;
diff --git a/inc/core.php b/inc/core.php
index a603c37..af41461 100644
--- a/inc/core.php
+++ b/inc/core.php
@@ -691,4 +691,13 @@ function isCloudflare() {
 $ipCheck = _cloudflare_CheckIP($_SERVER['REMOTE_ADDR']);
 $requestCheck = _cloudflare_Requests_Check();
 return ($ipCheck && $requestCheck);
+}
+
+function executeUploadPermission()
+{
+ if(defined('ALLOWED_SUBNET') && !isIPInRange( getUserIP(), ALLOWED_SUBNET ))
+ {
+ http_response_code(403);
+ exit(json_encode(array('status'=>'err','reason'=> 'Access denied')));
+ }
 }
\ No newline at end of file
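Review bot: `executeUploadPermission()` in inc/core.php makes its whole allow/deny decision from `getUserIP()`, whose body is not in this hunk; if that helper takes the address from a forwarded header without first confirming the request came through a trusted proxy, the `ALLOWED_SUBNET` restriction rests on a value the client supplies. That is worth confirming and recording on the function with a comment such as `// getUserIP() must only honour proxy headers from trusted proxies`. The function also needs a docblock saying that it is a no-op when `ALLOWED_SUBNET` is undefined and otherwise ends the request with HTTP 403 and a JSON error body. The name does not signal that the call can terminate the script, so the docblock should state that for the four API callers.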