diff --git a/Xext/namespace/hook-server.c b/Xext/namespace/hook-server.c
new file mode 100644
index 000000000..d99b249a1
--- /dev/null
+++ b/Xext/namespace/hook-server.c
@@ -0,0 +1,37 @@
+#define HOOK_NAME "server"
+
+#include <dix-config.h>
+
+#include "dix/dix_priv.h"
+#include "dix/registry_priv.h"
+#include "Xext/xacestr.h"
+
+#include "namespace.h"
+#include "hooks.h"
+
+void hookServerAccess(CallbackListPtr *pcbl, void *unused, void *calldata)
+{
+    XNS_HOOK_HEAD(XaceServerAccessRec);
+
+    if (subj->ns->superPower)
+        goto pass;
+
+    switch (client->majorOp) {
+        case X_ListFonts:
+        case X_ListFontsWithInfo:
+            goto pass;
+
+        case X_GrabServer:
+            goto reject;
+    }
+
+    XNS_HOOK_LOG("BLOCKED access to server configuration request %s\n",
+        LookupRequestName(client->majorOp, client->minorOp));
+
+reject:
+    param->status = BadAccess;
+    return;
+
+pass:
+    param->status = Success;
+}
diff --git a/Xext/namespace/hooks.h b/Xext/namespace/hooks.h
index 7e7f64993..08093ac40 100644
--- a/Xext/namespace/hooks.h
+++ b/Xext/namespace/hooks.h
@@ -32,6 +32,7 @@ void hookInitRootWindow(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookReceive(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookResourceAccess(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookSelectionFilter(CallbackListPtr *pcbl, void *unused, void *calldata);
+void hookServerAccess(CallbackListPtr *pcbl, void *unused, void *calldata);
 void hookWindowProperty(CallbackListPtr *pcbl, void *unused, void *calldata);
 
 #endif /* __XSERVER_NAMESPACE_HOOKS_H */
diff --git a/Xext/namespace/meson.build b/Xext/namespace/meson.build
index 33ec3c9a7..61cc47fae 100644
--- a/Xext/namespace/meson.build
+++ b/Xext/namespace/meson.build
@@ -10,6 +10,7 @@ libxserver_namespace = static_library(
 		'hook-receive.c',
 		'hook-resource.c',
 		'hook-selection.c',
+		'hook-server.c',
 		'hook-windowproperty.c',
 		'namespace.c',
 	],
diff --git a/Xext/namespace/namespace.c b/Xext/namespace/namespace.c
index 348930476..da1b5f1dd 100644
--- a/Xext/namespace/namespace.c
+++ b/Xext/namespace/namespace.c
@@ -38,7 +38,8 @@ NamespaceExtensionInit(void)
           XaceRegisterCallback(XACE_EXT_DISPATCH, hookExtDispatch, NULL) &&
           XaceRegisterCallback(XACE_EXT_ACCESS, hookExtAccess, NULL) &&
           XaceRegisterCallback(XACE_RECEIVE_ACCESS, hookReceive, NULL) &&
-          XaceRegisterCallback(XACE_RESOURCE_ACCESS, hookResourceAccess, NULL)))
+          XaceRegisterCallback(XACE_RESOURCE_ACCESS, hookResourceAccess, NULL) &&
+          XaceRegisterCallback(XACE_SERVER_ACCESS, hookServerAccess, NULL)))
         FatalError("NamespaceExtensionInit: allocation failure\n");
 
     /* Do the serverClient */