diff --git a/dspace/CHANGES b/dspace/CHANGES
index c0b86ff91d..2070e17645 100644
--- a/dspace/CHANGES
+++ b/dspace/CHANGES
@@ -1,3 +1,9 @@
+(Robert Tansley)
+- Error pages now return appropriate HTTP status codes (e.g. 404 not found)
+- Bad filenames in /bitstream/ URLs now result in 404 error -- prevents
+  infinite URL spaces confusing crawlers and bad "persistent" bitstream IDs
+  circulating
+
 1.4.1 beta 1
 ============
 (Scott Yeadon)
diff --git a/dspace/src/org/dspace/app/webui/servlet/BitstreamServlet.java b/dspace/src/org/dspace/app/webui/servlet/BitstreamServlet.java
index f070ff470a..051e4eb705 100644
--- a/dspace/src/org/dspace/app/webui/servlet/BitstreamServlet.java
+++ b/dspace/src/org/dspace/app/webui/servlet/BitstreamServlet.java
@@ -92,6 +92,7 @@ public class BitstreamServlet extends DSpaceServlet
         String idString = request.getPathInfo();
         String handle = "";
         String sequenceText = "";
+        String filename = null;
         int sequenceID;
 
         // Parse 'handle' and 'sequence' (bitstream seq. number) out
@@ -117,9 +118,10 @@ public class BitstreamServlet extends DSpaceServlet
                 handle = idString.substring(0, slashIndex);
                 int slash2 = idString.indexOf('/', slashIndex + 1);
                 if (slash2 != -1)
+                {
                     sequenceText = idString.substring(slashIndex+1,slash2);
-                else
-                    sequenceText = idString.substring(slashIndex+1);
+                    filename = idString.substring(slash2+1);
+                }
             }
         }
 
@@ -167,10 +169,10 @@ public class BitstreamServlet extends DSpaceServlet
             }
         }
 
-        if (bitstream == null)
+        if (bitstream == null || filename == null
+                || !filename.equals(bitstream.getName()))
         {
-            // No bitstream found -- ID was invalid
-
+            // No bitstream found or filename was wrong -- ID invalid
             log.info(LogManager.getHeader(context, "invalid_id", "path="
                     + idString));
             JSPManager.showInvalidIDError(request, response, idString,
diff --git a/dspace/src/org/dspace/app/webui/util/JSPManager.java b/dspace/src/org/dspace/app/webui/util/JSPManager.java
index aa465fa2f8..5809aabeb1 100644
--- a/dspace/src/org/dspace/app/webui/util/JSPManager.java
+++ b/dspace/src/org/dspace/app/webui/util/JSPManager.java
@@ -102,6 +102,7 @@ public class JSPManager
     public static void showInternalError(HttpServletRequest request,
             HttpServletResponse response) throws ServletException, IOException
     {
+        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
         showJSP(request, response, "/error/internal.jsp");
     }
 
@@ -117,6 +118,7 @@ public class JSPManager
     public static void showIntegrityError(HttpServletRequest request,
             HttpServletResponse response) throws ServletException, IOException
     {
+        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
         showJSP(request, response, "/error/integrity.jsp");
     }
 
@@ -137,6 +139,7 @@ public class JSPManager
             throws ServletException, IOException
     {
         // FIXME: Need to work out which error message to display?
+        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
         showJSP(request, response, "/error/authorize.jsp");
     }
 
@@ -161,6 +164,7 @@ public class JSPManager
             throws ServletException, IOException
     {
         request.setAttribute("bad.id", badID);
+        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
 
         if (type != -1)
         {