diff --git a/mod/ignored.php b/mod/ignored.php
deleted file mode 100644
index 6e0cf92a6..000000000
--- a/mod/ignored.php
+++ /dev/null
@@ -1,52 +0,0 @@
-argc > 1) {
- $message_id = intval($a->argv[1]);
- }
-
- if (empty($message_id)) {
- exit();
- }
-
- $thread = Item::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $message_id]);
- if (!DBA::isResult($thread)) {
- exit();
- }
-
- // Numeric values are needed for the json output further below
- $ignored = ($thread['ignored'] ? 0 : 1);
-
- if ($thread['uid'] != 0) {
- DBA::update('thread', ['ignored' => $ignored], ['iid' => $message_id]);
- } else {
- DBA::update('user-item', ['ignored' => $ignored], ['iid' => $message_id, 'uid' => local_user()], true);
- }
-
- // See if we've been passed a return path to redirect to
- $return_path = $_REQUEST['return'] ?? '';
- if ($return_path) {
- $rand = '_=' . time();
- if (strpos($return_path, '?')) {
- $rand = "&$rand";
- } else {
- $rand = "?$rand";
- }
-
- $a->internalRedirect($return_path . $rand);
- }
-
- // the json doesn't really matter, it will either be 0 or 1
-
- echo json_encode($ignored);
- exit();
-}
diff --git a/src/Module/Item/Ignore.php b/src/Module/Item/Ignore.php
new file mode 100644
index 000000000..6a28310b4
--- /dev/null
+++ b/src/Module/Item/Ignore.php
@@ -0,0 +1,78 @@
+t('Access denied.'));
+ }
+
+ /** @var App\Arguments $args */
+ $args = self::getClass(App\Arguments::class);
+ /** @var Database $dba */
+ $dba = self::getClass(Database::class);
+
+ $message_id = intval($args->get(2));
+
+ if (empty($message_id) || !is_int($message_id)) {
+ throw new HTTPException\BadRequestException();
+ }
+
+ $thread = Item::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $message_id]);
+ if (!$dba->isResult($thread)) {
+ throw new HTTPException\BadRequestException();
+ }
+
+ // Numeric values are needed for the json output further below
+ $ignored = !empty($thread['ignored']) ? 0 : 1;
+
+ switch ($thread['uid'] ?? 0) {
+ // if the thread is from the current user
+ case local_user():
+ $dba->update('thread', ['ignored' => $ignored], ['iid' => $message_id]);
+ break;
+ // 0 (null will get transformed to 0) => it's a public post
+ case 0:
+ $dba->update('user-item', ['ignored' => $ignored], ['iid' => $message_id, 'uid' => local_user()], true);
+ break;
+ // Throws a BadRequestException and not a ForbiddenException on purpose
+ // Avoids harvesting existing, but forbidden IIDs (security issue)
+ default:
+ throw new HTTPException\BadRequestException();
+ }
+
+ // See if we've been passed a return path to redirect to
+ $return_path = $_REQUEST['return'] ?? '';
+ if (!empty($return_path)) {
+ $rand = '_=' . time();
+ if (strpos($return_path, '?')) {
+ $rand = "&$rand";
+ } else {
+ $rand = "?$rand";
+ }
+
+ self::getApp()->internalRedirect($return_path . $rand);
+ }
+
+ // the json doesn't really matter, it will either be 0 or 1
+ System::jsonExit([$ignored]);
+ }
+}
diff --git a/static/routes.config.php b/static/routes.config.php
index 7cc9fdaa6..3379ee113 100644
--- a/static/routes.config.php
+++ b/static/routes.config.php
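Review bot: The `return` value is read straight from `$_REQUEST` and concatenated into `internalRedirect()` with no check in this hunk that it is a local, relative path. Unless `internalRedirect()` itself rejects absolute or scheme-bearing URLs (not visible here), validate it before redirecting so the endpoint cannot send users to another site. In the same block, `if (strpos($return_path, '?'))` is false when `?` sits at offset 0; `if (strpos($return_path, '?') !== false)` is the correct test. The `!is_int($message_id)` half of the id guard can never be true after `intval()`, so it gives no extra validation and should be dropped or replaced by a check on the raw argument. The start of the class and method is missing from the visible hunk, so a token check may exist above what is shown.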
@@ -128,16 +128,21 @@ return [ '/{group:\d+}/add/{contact:\d+}' => [Module\Group::class, [R::GET, R::POST]], '/{group:\d+}/remove/{contact:\d+}' => [Module\Group::class, [R::GET, R::POST]], ], - '/hashtag' => [Module\Hashtag::class, [R::GET]], - '/home' => [Module\Home::class, [R::GET]], - '/help[/{doc:.+}]' => [Module\Help::class, [R::GET]], - '/inbox[/{nickname}]' => [Module\Inbox::class, [R::GET, R::POST]], - '/invite' => [Module\Invite::class, [R::GET, R::POST]], + '/hashtag' => [Module\Hashtag::class, [R::GET]], + '/home' => [Module\Home::class, [R::GET]], + '/help[/{doc:.+}]' => [Module\Help::class, [R::GET]], + '/inbox[/{nickname}]' => [Module\Inbox::class, [R::GET, R::POST]], + '/invite' => [Module\Invite::class, [R::GET, R::POST]], '/install' => [ '[/]' => [Module\Install::class, [R::GET, R::POST]], '/testrewrite' => [Module\Install::class, [R::GET]], ], + + '/item' => [ + '/ignore/{id}' => [Module\Item\Ignore::class, [R::GET]], + ], + '/like/{item:\d+}' => [Module\Like::class, [R::GET]], '/localtime' => [Module\Debug\Localtime::class, [R::GET, R::POST]], '/login' => [Module\Login::class, [R::GET, R::POST]], diff --git a/view/js/main.js b/view/js/main.js index 47e7b968d..40db7c2a1 100644 --- a/view/js/main.js +++ b/view/js/main.js @@ -629,7 +629,7 @@ function dostar(ident) { function doignore(ident) { ident = ident.toString(); $('#like-rotator-' + ident).show(); - $.get('ignored/' + ident, function(data) { + $.get('item/ignore/' + ident, function(data) { if (data.match(/1/)) { $('#ignored-' + ident).addClass('ignored'); $('#ignored-' + ident).removeClass('unignored');
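Review bot: The new `'/ignore/{id}'` route is registered for `R::GET` only, yet the handler it maps to writes to `thread` / `user-item`. Any cross-site GET issued in a logged-in user's browser can therefore flip the ignore flag. Consider accepting only `R::POST` together with the project's form-security token check (none is visible in the handler lines shown), and switching `doignore()` in `view/js/main.js` to a POST carrying that token. The `{id}` placeholder is also unconstrained while the neighbouring `/like/{item:\d+}` uses `\d+`; `'/ignore/{id:\d+}'` would reject non-numeric ids at the router.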