diff --git a/htdocs/public/project/index.php b/htdocs/public/project/index.php
index 48c77944d72..d3dca7def6f 100644
--- a/htdocs/public/project/index.php
+++ b/htdocs/public/project/index.php
@@ -94,6 +94,12 @@ if ($resultproject < 0) {
 	$errmsg .= $project->error;
 }
 
+// Security check
+if (empty($conf->projet->enabled)) {
+	accessforbidden('', 0, 0, 1);
+}
+
+
 /*
  * Actions
  */
diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php
index e4a8b495d7c..240b3d8f036 100644
--- a/htdocs/public/project/new.php
+++ b/htdocs/public/project/new.php
@@ -67,11 +67,6 @@ $action = GETPOST('action', 'aZ09');
 // Load translation files
 $langs->loadLangs(array("members", "companies", "install", "other"));
 
-// Security check
-if (empty($conf->projet->enabled)) {
-	accessforbidden('', 0, 0, 1);
-}
-
 if (empty($conf->global->PROJECT_ENABLE_PUBLIC)) {
 	print $langs->trans("Form for public lead registration has not been enabled");
 	exit;
@@ -86,6 +81,11 @@ $object = new Project($db);
 
 $user->loadDefaultValues();
 
+// Security check
+if (empty($conf->projet->enabled)) {
+	accessforbidden('', 0, 0, 1);
+}
+
 
 /**
  * Show header for new member
diff --git a/htdocs/public/recruitment/index.php b/htdocs/public/recruitment/index.php
index 7d4ec0223f1..cf7e8f8bc24 100644
--- a/htdocs/public/recruitment/index.php
+++ b/htdocs/public/recruitment/index.php
@@ -55,7 +55,10 @@ $email = GETPOST('email', 'alpha');
 
 $object = new RecruitmentJobPosition($db);
 
-
+// Security check
+if (empty($conf->recruitement->enabled)) {
+	accessforbidden('', 0, 0, 1);
+}
 
 
 /*
diff --git a/htdocs/public/recruitment/view.php b/htdocs/public/recruitment/view.php
index 27aaa0fd0f4..2fe6a9af21e 100644
--- a/htdocs/public/recruitment/view.php
+++ b/htdocs/public/recruitment/view.php
@@ -74,6 +74,11 @@ if (!$action) {
 //$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT;		// This is to use external domain name found into config file
 $urlwithroot = DOL_MAIN_URL_ROOT; // This is to use same domain name than current. For Paypal payment, we can use internal URL like localhost.
 
+// Security check
+if (empty($conf->recruitement->enabled)) {
+	accessforbidden('', 0, 0, 1);
+}
+
 
 /*
  * Actions