diff --git a/app/models/concerns/domain/transferable.rb b/app/models/concerns/domain/transferable.rb
index 5400e9409..649600217 100644
--- a/app/models/concerns/domain/transferable.rb
+++ b/app/models/concerns/domain/transferable.rb
@@ -31,7 +31,9 @@ module Concerns::Domain::Transferable
       DomainStatus::PENDING_TRANSFER,
       DomainStatus::FORCE_DELETE,
       DomainStatus::SERVER_TRANSFER_PROHIBITED,
-      DomainStatus::CLIENT_TRANSFER_PROHIBITED
+      DomainStatus::CLIENT_TRANSFER_PROHIBITED,
+      DomainStatus::SERVER_UPDATE_PROHIBITED,
+      DomainStatus::CLIENT_UPDATE_PROHIBITED,
     ]).empty?
   end
 
diff --git a/app/models/registrar.rb b/app/models/registrar.rb
index 168dfdca7..652864fe5 100644
--- a/app/models/registrar.rb
+++ b/app/models/registrar.rb
@@ -153,7 +153,7 @@ class Registrar < ApplicationRecord
         puny = origin.domain.name_puny
         next unless domains.include?(idn) || domains.include?(puny) || domains.empty?
 
-        if origin.domain.nameservers.where(hostname: new_attributes[:hostname]).any?
+        if domain_not_updatable?(hostname: new_attributes[:hostname], domain: origin.domain)
           failed_list << idn
           next
         end
@@ -202,6 +202,10 @@ class Registrar < ApplicationRecord
 
   private
 
+  def domain_not_updatable?(hostname:, domain:)
+    domain.nameservers.where(hostname: hostname).any? || domain.bulk_update_prohibited?
+  end
+
   def set_defaults
     self.language = Setting.default_language unless language
   end
diff --git a/test/integration/api/domain_transfers_test.rb b/test/integration/api/domain_transfers_test.rb
index 3e9c10100..3ed5b0fc6 100644
--- a/test/integration/api/domain_transfers_test.rb
+++ b/test/integration/api/domain_transfers_test.rb
@@ -63,6 +63,23 @@ class APIDomainTransfersTest < ApplicationIntegrationTest
     assert_equal 1, @new_registrar.contacts.where(name: 'William').size
   end
 
+  def test_bulk_transfer_if_domain_has_update_prohibited_status
+    domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED])
+
+    post '/repp/v1/domains/transfer', params: request_params, as: :json,
+         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal ({ code: 1000,
+                    message: 'Command completed successfully',
+                    data: { success: [],
+                    failed: [{ type: "domain_transfer",
+                               domain_name: "shop.test",
+                               errors: [{:code=>"2304", :msg=>"Object status prohibits operation"}] }],
+                    }}),
+                JSON.parse(response.body, symbolize_names: true)
+  end
+
   private
 
   def request_params
diff --git a/test/integration/api/nameservers/put_test.rb b/test/integration/api/nameservers/put_test.rb
index 77b01a9b1..a55014709 100644
--- a/test/integration/api/nameservers/put_test.rb
+++ b/test/integration/api/nameservers/put_test.rb
@@ -104,6 +104,25 @@ class APINameserversPutTest < ApplicationIntegrationTest
                  JSON.parse(response.body, symbolize_names: true)
   end
 
+  def test_bulk_namesaervers_if_domain_update_prohibited
+    domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED])
+
+    params = { data: { type: 'nameserver', id: domains(:shop).nameservers.hostnames[0],
+                       attributes: { hostname: 'ns55.bestnames.test' } } }
+    put '/repp/v1/registrar/nameservers', params: params, as: :json,
+        headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+        assert_response :ok
+        assert_equal ({ code: 1000,
+                    message: 'Command completed successfully',
+                    data: { type: "nameserver",
+                            id: "ns55.bestnames.test",
+                            attributes: {hostname: "ns55.bestnames.test"},
+                            affected_domains: ["airport.test"],
+                            skipped_domains: ["shop.test"]}}),
+            JSON.parse(response.body, symbolize_names: true)
+  end
+
   def test_unauthenticated
     put '/repp/v1/registrar/nameservers'
     assert_response 401
diff --git a/test/integration/repp/v1/registrar/nameservers_test.rb b/test/integration/repp/v1/registrar/nameservers_test.rb
index f01769dfb..e2c6f890b 100644
--- a/test/integration/repp/v1/registrar/nameservers_test.rb
+++ b/test/integration/repp/v1/registrar/nameservers_test.rb
@@ -34,6 +34,33 @@ class ReppV1RegistrarNameserversTest < ActionDispatch::IntegrationTest
     assert json[:data][:affected_domains].include? 'shop.test'
   end
 
+  def test_fails_to_update_if_prohibited
+    domain = domains(:shop)
+    domain.update(statuses: [DomainStatus::CLIENT_UPDATE_PROHIBITED])
+    nameserver = nameservers(:shop_ns1)
+    payload = {
+      "data": {
+        "id": nameserver.hostname,
+        "type": "nameserver",
+        "attributes": {
+          "hostname": "#{nameserver.hostname}.test",
+          "ipv4": ["1.1.1.1"]
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal({ hostname: "#{nameserver.hostname}.test", ipv4: ["1.1.1.1"] }, json[:data][:attributes])
+    assert_equal({ hostname: "#{nameserver.hostname}.test", ipv4: ["1.1.1.1"] }, json[:data][:attributes])
+    assert json[:data][:affected_domains].include? 'airport.test'
+    assert json[:data][:skipped_domains].include? 'shop.test'
+  end
+
   def test_nameserver_with_hostname_must_exist
     payload = {
       "data": {