diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5dc779dba..467738562 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Set the performance column of the holdings table to stick at the end
 - Skipped the caching in the portfolio calculator if there are active filters (experimental)
+- Improved the `INACTIVE` user role
 ### Fixed
diff --git a/apps/api/src/app/auth/jwt.strategy.ts b/apps/api/src/app/auth/jwt.strategy.ts
index c7ce38986..a8ad8fd08 100644
--- a/apps/api/src/app/auth/jwt.strategy.ts
+++ b/apps/api/src/app/auth/jwt.strategy.ts
@@ -2,10 +2,12 @@ import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { HEADER_KEY_TIMEZONE } from '@ghostfolio/common/config';
+import { hasRole } from '@ghostfolio/common/permissions';
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { HttpException, Injectable } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import * as countriesAndTimezones from 'countries-and-timezones';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
 import { ExtractJwt, Strategy } from 'passport-jwt';
 @Injectable()
@@ -29,6 +31,13 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
 if (user) {
 if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
+ if (hasRole(user, 'INACTIVE')) {
+ throw new HttpException(
+ getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+ StatusCodes.TOO_MANY_REQUESTS
+ );
+ }
+
 const country =
 countriesAndTimezones.getCountryForTimezone(timezone)?.id;
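Review bot: The `hasRole(user, 'INACTIVE')` check added in the `@@ -29,6 +31,13 @@` hunk sits inside the `ENABLE_FEATURE_SUBSCRIPTION` branch, so with that flag off an INACTIVE user passes the JWT strategy untouched. The check this commit removes from `UserController.getUser` was not visibly gated on the flag, so enforcement of the role appears to become conditional. If INACTIVE can be assigned on instances without the subscription feature, move the `if (hasRole(user, 'INACTIVE')) { … }` block above the flag test; if the gating is intended, record it with a comment such as `// INACTIVE is only assigned when subscriptions are enabled`. The enclosing method starts and ends outside this hunk.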
@@ -45,10 +54,20 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
 return user;
 } else {
- throw '';
+ throw new HttpException(
+ getReasonPhrase(StatusCodes.NOT_FOUND),
+ StatusCodes.NOT_FOUND
+ );
+ }
+ } catch (error) {
+ if (error?.getStatus() === StatusCodes.TOO_MANY_REQUESTS) {
+ throw error;
+ } else {
+ throw new HttpException(
+ getReasonPhrase(StatusCodes.UNAUTHORIZED),
+ StatusCodes.UNAUTHORIZED
+ );
 }
- } catch (err) {
- throw new UnauthorizedException('unauthorized', err.message);
 }
 }
 }
diff --git a/apps/api/src/app/user/user.controller.ts b/apps/api/src/app/user/user.controller.ts
index 14c545192..39e78dcdc 100644
--- a/apps/api/src/app/user/user.controller.ts
+++ b/apps/api/src/app/user/user.controller.ts
@@ -2,11 +2,7 @@ import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorat
 import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import { User, UserSettings } from '@ghostfolio/common/interfaces';
-import {
- hasPermission,
- hasRole,
- permissions
-} from '@ghostfolio/common/permissions';
+import { hasPermission, permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
 import {
@@ -63,13 +59,6 @@ export class UserController {
 public async getUser(
 @Headers('accept-language') acceptLanguage: string
 ): Promise {
- if (hasRole(this.request.user, 'INACTIVE')) {
- throw new HttpException(
- getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
- StatusCodes.TOO_MANY_REQUESTS
- );
- }
-
 return this.userService.getUser(
 this.request.user,
 acceptLanguage?.split(',')?.[0]
diff --git a/apps/client/src/app/core/auth.guard.ts b/apps/client/src/app/core/auth.guard.ts
index 52d1e14ab..ee5ed77cd 100644
--- a/apps/client/src/app/core/auth.guard.ts
+++ b/apps/client/src/app/core/auth.guard.ts
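Review bot: `error?.getStatus()` in the new catch block of the `@@ -45,10 +54,20 @@` hunk throws a TypeError whenever the caught value is not an HttpException, because the optional chaining only guards a null `error`, not a missing `getStatus` method. Any non-HTTP failure raised inside the try (its body starts outside this hunk) would then escape the strategy as an unhandled TypeError instead of the intended 401. Narrow the type first: `if (error instanceof HttpException && error.getStatus() === StatusCodes.TOO_MANY_REQUESTS) {`. The NOT_FOUND exception thrown in the else branch is always rewritten to UNAUTHORIZED by this catch, which keeps the response from revealing whether a user id exists; a comment such as `// reaches the client as 401, see catch below` would mark that as deliberate.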
@@ -54,9 +54,10 @@ export class AuthGuard {
 this.router.navigate(['/' + $localize`register`]);
 resolve(false);
 } else if (
- AuthGuard.PUBLIC_PAGE_ROUTES.filter((publicPageRoute) =>
- state.url.startsWith(publicPageRoute)
- )?.length > 0
+ AuthGuard.PUBLIC_PAGE_ROUTES.filter((publicPageRoute) => {
+ const [, url] = state.url.split('/');
+ return `/${url}` === publicPageRoute;
+ })?.length > 0
 ) {
 resolve(true);
 return EMPTY;
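Review bot: The new callback takes the first path segment with `state.url.split('/')` but does not strip a query string or fragment, so a single-segment URL carrying `?…` or `#…` yields a segment that no longer equals any entry in `PUBLIC_PAGE_ROUTES`. The exact-segment comparison does close the prefix over-match that `startsWith` allowed, so the fix is only to split on the other delimiters as well, `const [, url] = state.url.split(/[/?#]/);`. Assuming `state` is Angular's RouterStateSnapshot, its `url` is the serialized URL including query parameters and fragment. `filter(…)?.length > 0` could also be `some(…)`, which stops at the first match and needs no optional chaining. The contents of `PUBLIC_PAGE_ROUTES` and the rest of the guard are outside the hunk, so whether any public route is actually reached with query parameters needs confirming.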