diff --git a/lib/Controller/LockingController.php b/lib/Controller/LockingController.php
index 830d1f34..2722e7dc 100644
--- a/lib/Controller/LockingController.php
+++ b/lib/Controller/LockingController.php
@@ -90,6 +90,10 @@ public function lockFolder(int $id): DataResponse {
 			throw new OCSForbiddenException($this->l10n->t('You are not allowed to create the lock'));
 		}
 
+		if ($userFolder->getId() === $id) {
+			throw new OCSForbiddenException($this->l10n->t('You are not allowed to lock the root'));
+		}
+
 		$nodes = $userFolder->getById($id);
 		if (!isset($nodes[0]) || !$nodes[0] instanceof Folder) {
 			throw new OCSForbiddenException($this->l10n->t('You are not allowed to create the lock'));