diff --git a/app/api.rb b/app/api.rb
index e2507c42..4eb04b62 100644
--- a/app/api.rb
+++ b/app/api.rb
@@ -183,6 +183,8 @@ post '/api/:name' do
 end
 
 def require_api_credentials
+  return true if current_site
+
   if !request.env['HTTP_AUTHORIZATION'].nil?
     init_api_credentials
     api_error(403, 'email_not_validated', 'you need to validate your email address before using the API') if email_not_validated?
diff --git a/app/create.rb b/app/create.rb
index 48f4e255..d2f3b1e6 100644
--- a/app/create.rb
+++ b/app/create.rb
@@ -64,15 +64,6 @@ end
 
 post '/create' do
   content_type :json
-
-  if banned?(true)
-    signout
-    session[:banned] = true if !session[:banned]
-
-    flash[:error] = 'There was an error, please contact support to log in.'
-    redirect '/'
-  end
-
   dashboard_if_signed_in
 
   @site = Site.new(
diff --git a/app_helpers.rb b/app_helpers.rb
index 3ad82439..d5de7a48 100644
--- a/app_helpers.rb
+++ b/app_helpers.rb
@@ -16,8 +16,6 @@ end
 
 def require_login
   redirect '/' unless signed_in? && current_site
-  enforce_ban if banned?
-  signout if deleted?
 end
 
 def signed_in?
@@ -27,30 +25,18 @@ end
 def current_site
   return nil if session[:id].nil?
   @_site ||= Site[id: session[:id]]
+  @_parent_site ||= @_site.parent
+
+  if @_site.is_banned || @_site.is_deleted || (@_parent_site && (@_parent_site.is_banned || @_parent_site.is_deleted))
+    signout
+    redirect '/'
+  end
+
+  @_site
 end
 
 def parent_site
-  return nil if current_site.nil?
-  current_site.parent? ? current_site : current_site.parent
-end
-
-def deleted?
-  return true if current_site && current_site.is_deleted
-  false
-end
-
-def banned?(ip_check=false)
-  #return true if session[:banned]
-  return true if current_site && (current_site.is_banned || parent_site.is_banned)
-
-  return true if ip_check && Site.banned_ip?(request.ip)
-  false
-end
-
-def enforce_ban
-  signout
-  session[:banned] = true
-  redirect '/'
+  @_parent_site || current_site
 end
 
 def meta_robots(newtag=nil)
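Review bot: The new `return true if current_site` in `require_api_credentials` lets a browser session satisfy API credentials before the `email_not_validated?` check further down the hunk runs, so a session-authenticated caller skips the 403 that API-key callers still receive. If that check is meant to apply to every caller and `email_not_validated?` can be evaluated for the session site, move it ahead of the early return, e.g. `api_error(403, 'email_not_validated', 'you need to validate your email address before using the API') if current_site && email_not_validated?`. Accepting cookie sessions on API routes also means these endpoints are reachable by cross-site requests unless a CSRF check covers them; the added test passes a `csrf_token`, which suggests one exists, but it is not visible in this hunk and should be confirmed for every route that now accepts a session. Since `current_site` now issues `redirect '/'` for banned or deleted sites (app_helpers.rb), an API client with such a session gets a 302 instead of a JSON `api_error`. The body of `require_api_credentials` continues past the hunk.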
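Review bot: Removing the `banned?(true)` block drops the `Site.banned_ip?(request.ip)` check from `/create` entirely, and the replacement ban logic in `current_site` only inspects the signed-in site and its parent, so a request from a banned IP with no session can create a new site again. If IP bans are still meant to gate registration, keep an explicit check before `dashboard_if_signed_in`, e.g. `redirect '/' if Site.banned_ip?(request.ip)` (or a JSON error, since the route sets `content_type :json`). The `post '/create'` block continues beyond the hunk.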
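Review bot: `parent_site` returns the wrong site on its first call for a child site: `@_parent_site || current_site` reads `@_parent_site` while it is still nil, then returns the value of `current_site`, which is `@_site`, not the parent that call just memoized. Evaluate `current_site` first, e.g. `site = current_site` followed by `@_parent_site || site`. In `current_site`, `@_site ||= Site[id: session[:id]]` can be nil when the session carries an id that no longer resolves, and the new `@_site.parent` then raises; a guard such as `return nil if @_site.nil?` belongs before the added lines. `current_site` also now calls `redirect '/'` itself, so every caller, including the API path that only wanted a truthy check, can be halted with a 302; consider having `current_site` return nil after `signout` and leaving the redirect to `require_login`.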
diff --git a/models/site.rb b/models/site.rb
index a4796725..99399d78 100644
--- a/models/site.rb
+++ b/models/site.rb
@@ -524,10 +524,6 @@ class Site < Sequel::Model
     true
   end
 
-  def is_banned?
-    is_banned
-  end
-
   def unban!
     undelete!
     self.is_banned = false
diff --git a/tests/api_tests.rb b/tests/api_tests.rb
index f6d051bd..96feec60 100644
--- a/tests/api_tests.rb
+++ b/tests/api_tests.rb
@@ -308,6 +308,18 @@ describe 'api' do
     _(site_file_exists?('test.jpg')).must_equal true
   end
 
+  it 'succeeds with valid user session' do
+    create_site
+    post '/api/upload',
+      {'test.jpg' => Rack::Test::UploadedFile.new('./tests/files/test.jpg', 'image/jpeg'),
+      'csrf_token' => 'abcd'},
+      {'rack.session' => { 'id' => @site.id, '_csrf_token' => 'abcd' }}
+    _(res[:result]).must_equal 'success'
+    _(last_response.status).must_equal 200
+    _(site_file_exists?('test.jpg')).must_equal true
+  end
+
   it 'fails with bad api key' do
     create_site
     @site.generate_api_key!
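Review bot: The new `succeeds with valid user session` case only covers the positive path; since this commit lets a browser session authenticate API calls, a companion case that posts the same upload with a missing or mismatched `csrf_token` and asserts a non-200 status would pin the CSRF protection that the `_csrf_token` session key implies. Whether such a check exists on `/api/upload` is not visible in this hunk, so the negative test is also what confirms it. A further case where the session site has `is_banned` set would document what an API client receives after the `current_site` change in app_helpers.rb.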