diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index ad0b3699fcb..92588d9ca9e 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -231,6 +231,10 @@ class UsersController < ApplicationController
       return fail_with("login.password_too_long")
     end
 
+    if SiteSetting.reserved_usernames.include? params[:username].downcase
+      return fail_with("login.reserved_username")
+    end
+
     user = User.new(user_params)
 
     # Handle custom fields
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 6e0d42b25db..a0d42d9f269 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -886,6 +886,8 @@ en:
     min_username_length: "Minimum username length in characters. WARNING: ANY EXISTING USERS WITH NAMES SHORTER THAN THIS WILL BE UNABLE TO ACCESS THE SITE."
     max_username_length: "Maximum username length in characters. WARNING: ANY EXISTING USERS WITH NAMES LONGER THAN THIS WILL BE UNABLE TO ACCESS THE SITE."
 
+    reserved_usernames: "Usernames for which signup is not allowed."
+
     min_password_length: "Minimum password length."
     block_common_passwords: "Don't allow passwords that are in the 10,000 most common passwords."
 
@@ -1287,6 +1289,7 @@ en:
     omniauth_error_unknown: "Something went wrong processing your log in, please try again."
     new_registrations_disabled: "New account registrations are not allowed at this time."
     password_too_long: "Passwords are limited to 200 characters."
+    reserved_username: "That username is not allowed."
     missing_user_field: "You have not completed all the user fields"
     close_window: "Authentication is complete. Close this window to continue."
 
diff --git a/config/site_settings.yml b/config/site_settings.yml
index ab50ecfd4ff..15b18b07cab 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -263,6 +263,9 @@ users:
     default: 20
     min: 8
     max: 60
+  reserved_usernames:
+    type: list
+    default: "admin|moderator|administrator|mod|sys|system|community|info|you|name|username|user|nickname|discourse|discourseorg|discourseforum"
   min_password_length:
     client: true
     default: 8
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index cf657684eaf..0103bb26fe1 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -600,6 +600,13 @@ describe UsersController do
       include_examples 'failed signup'
     end
 
+    context 'with a reserved username' do
+      let(:create_params) { {name: @user.name, username: 'Reserved', email: @user.email, password: "x" * 20} }
+      before { SiteSetting.reserved_usernames = 'a|reserved|b' }
+      after { SiteSetting.reserved_usernames = nil }
+      include_examples 'failed signup'
+    end
+
     context 'when an Exception is raised' do
       [ ActiveRecord::StatementInvalid,
         RestClient::Forbidden ].each do |exception|