diff --git a/app/controllers/challenges_controller.rb b/app/controllers/challenges_controller.rb
index 54f545e5..5bd8f537 100644
--- a/app/controllers/challenges_controller.rb
+++ b/app/controllers/challenges_controller.rb
@@ -465,7 +465,7 @@ class ChallengesController < ApplicationController
       render_404
       return
     else
-      if (@shixun.status == 0 && !User.current.manager_of_shixun?(@shixun))
+      if (@shixun.status == 0 && !User.current.manager_of_shixun?(@shixun)) || @shixun.status == -1
         render_403
         return
       end
diff --git a/app/controllers/shixuns_controller.rb b/app/controllers/shixuns_controller.rb
index d91ec474..95d19d93 100644
--- a/app/controllers/shixuns_controller.rb
+++ b/app/controllers/shixuns_controller.rb
@@ -1215,7 +1215,7 @@ class ShixunsController < ApplicationController
   # Find shixun of id params[:id]
   def find_shixun
     @shixun = Shixun.find_by_identifier(params[:id])
-    render_404 if @shixun.nil?
+    render_404 if @shixun.nil? || @shixun.status == -1
   rescue ActiveRecord::RecordNotFound
     render_404
   end
@@ -1362,4 +1362,8 @@ class ShixunsController < ApplicationController
   def validation_email
     render_403 if User.current.mail.blank?
   end
+
+  def validate_shixun
+
+  end
 end