diff --git a/Rocket-example.toml b/Rocket-example.toml
index 30a3c3a04b095fad79cac69d54fa3b4e9db6e746..677b8e10b6946963f376ae19600a5ebd9ee05200 100644
--- a/Rocket-example.toml
+++ b/Rocket-example.toml
@@ -1,6 +1,7 @@
 [global]
 server_name = "your.server.name"
 #registration_disabled = true
+#encryption_disabled = true
 
 # Default path is in this user's data
 #database_path = "/home/timo/MyConduitServer"
@@ -8,6 +9,7 @@ server_name = "your.server.name"
 port = 14004
 address = "0.0.0.0"
 
+# Not necessary when using a reverse proxy
 #[global.tls]
 #certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
 #key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
diff --git a/src/client_server.rs b/src/client_server.rs
index c8f264c74780df11910a83793485bbf598c1265a..e6a2c23ee934932fd7173712d69537f2df8ba0c3 100644
--- a/src/client_server.rs
+++ b/src/client_server.rs
@@ -1341,6 +1341,11 @@ pub fn create_room_route(
         content,
     } in &body.initial_state
     {
+        // Silently skip encryption events if they are not allowed
+        if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() {
+            continue
+        }
+
         db.rooms.append_pdu(
             room_id.clone(),
             user_id.clone(),
diff --git a/src/database/globals.rs b/src/database/globals.rs
index 45786054ae35e46a168df676ebef4e965ab564f5..3a257a54ccc36e3f8146c0ece7df73d7f877012f 100644
--- a/src/database/globals.rs
+++ b/src/database/globals.rs
@@ -10,6 +10,7 @@ pub struct Globals {
     reqwest_client: reqwest::Client,
     server_name: Box<ServerName>,
     registration_disabled: bool,
+    encryption_disabled: bool,
 }
 
 impl Globals {
@@ -33,6 +34,7 @@ pub fn load(globals: sled::Tree, config: &rocket::Config) -> Result<Self> {
                 .try_into()
                 .map_err(|_| Error::BadConfig("Invalid server name found."))?,
             registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
+            encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
         })
     }
 
@@ -70,4 +72,8 @@ pub fn server_name(&self) -> &ServerName {
     pub fn registration_disabled(&self) -> bool {
         self.registration_disabled
     }
+
+    pub fn encryption_disabled(&self) -> bool {
+        self.encryption_disabled
+    }
 }
diff --git a/src/database/rooms.rs b/src/database/rooms.rs
index 3ef4f3f1a28adfe414d96bf4a8ebe4e2004b0450..298212d48eb3f47e9bbe059f3e923bd2ea9f9048 100644
--- a/src/database/rooms.rs
+++ b/src/database/rooms.rs
@@ -319,7 +319,12 @@ pub fn append_pdu(
                 Some,
             );
 
+            // Is the event allowed?
             if !match event_type {
+                EventType::RoomEncryption => {
+                    // Don't allow encryption events when it's disabled
+                    !globals.encryption_disabled()
+                }
                 EventType::RoomMember => {
                     let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
                         Error::BadRequest(