diff --git a/app/access_controls/access_control_edit.php b/app/access_controls/access_control_edit.php
index e99b4f0008..559638d18c 100644
--- a/app/access_controls/access_control_edit.php
+++ b/app/access_controls/access_control_edit.php
@@ -60,6 +60,14 @@
 //process the user data and save it to the database
 if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
+ //enforce valid data
+ if ($access_control_name == 'providers' || $access_control_name == 'domains') {
+ $access_control_default = 'deny';
+ }
+ if ($access_control_default != 'allow' && $access_control_default != 'deny') {
+ $access_control_default = 'deny';
+ }
+
 //validate the token
 $token = new token;
 if (!$token->validate($_SERVER['PHP_SELF'])) {
@@ -145,11 +153,6 @@
 $access_control_uuid = uuid();
 }
- //protect users by forcing default to deny
- if ($access_control_name == 'providers' || $access_control_name == 'domains') {
- $access_control_default = 'deny';
- }
-
 //prepare the array
 $array['access_controls'][0]['access_control_uuid'] = $access_control_uuid;
 $array['access_controls'][0]['access_control_name'] = $access_control_name;
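Review bot: The rationale for forcing `providers` and `domains` to deny was lost when the check moved up from the later hunk (`-145`): the old comment `//protect users by forcing default to deny` became the generic `//enforce valid data`, which no longer says why those two names are special. I would restore it on the first added `if`, e.g. `//protect users: the providers and domains access controls always default to deny`, and keep `//enforce valid data` for the second `if`. The second check could also be written as a single membership test, `if (!in_array($access_control_default, ['allow', 'deny'], true)) {`. `$access_control_name` and `$access_control_default` are assigned above this hunk, so I could not confirm here that `$access_control_name` itself is restricted to known values.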
@@ -158,22 +161,52 @@
 $y = 0;
 if (is_array($access_control_nodes)) {
 foreach ($access_control_nodes as $row) {
- if (strlen($row['node_type']) > 0) {
- $array['access_controls'][0]['access_control_nodes'][$y]['access_control_node_uuid'] = $row["access_control_node_uuid"];
- $array['access_controls'][0]['access_control_nodes'][$y]['node_type'] = $row["node_type"];
- $array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $row["node_cidr"];
- $array['access_controls'][0]['access_control_nodes'][$y]['node_domain'] = $row["node_domain"];
- $array['access_controls'][0]['access_control_nodes'][$y]['node_description'] = $row["node_description"];
- $y++;
+
+ //validate the data
+ if (!is_uuid($row["access_control_node_uuid"])) { continue; }
+ if ($row["node_type"] != 'allow' && $row["node_type"] != 'deny') { continue; }
+ if (isset($row["node_cidr"]) && $row["node_cidr"] != '') {
+ $cidr_array = explode("/", str_replace("\\", "/", $row["node_cidr"]));
+ if (filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+ if (isset($cidr_array[1]) && is_numeric($cidr_array[1])) {
+ //valid IPv4 address and cidr notation
+ $node_cidr = $row["node_cidr"];
+ }
+ else {
+ //valid IPv4 address add the missing cidr notation
+ $node_cidr = $row["node_cidr"].'/32';
+ }
+ }
+ elseif(filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+ //valid IPv6 address
+ $node_cidr = $row["node_cidr"];
+ }
+
+ //if the cidr is provided ignore the domain.
+ $row["node_domain"] = '';
 }
+
+ //build the sub array
+ $array['access_controls'][0]['access_control_nodes'][$y]['access_control_node_uuid'] = $row["access_control_node_uuid"];
+ $array['access_controls'][0]['access_control_nodes'][$y]['node_type'] = $row["node_type"];
+ $array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $node_cidr;
+ $array['access_controls'][0]['access_control_nodes'][$y]['node_domain'] = $row["node_domain"];
+ $array['access_controls'][0]['access_control_nodes'][$y]['node_description'] = $row["node_description"];
+ $y++;
+
+ //unset values
+ unset($cidr_array, $node_cidr);
+
 }
 }
 //save the data
- $database = new database;
- $database->app_name = 'access controls';
- $database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
- $database->save($array);
+ if (is_array($array)) {
+ $database = new database;
+ $database->app_name = 'access controls';
+ $database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
+ $database->save($array);
+ }
 //clear the cache
 $cache = new cache;
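Review bot: A non-empty `node_cidr` that is neither a valid IPv4 nor a valid IPv6 address is not rejected: `$node_cidr` is never assigned, `$row["node_domain"]` is still cleared, and the sub array is then built from an undefined `$node_cidr`, so the node is saved with neither a CIDR nor a domain. The prefix is also only checked with `is_numeric` (which accepts `1e2`, `-1` or `40`), an IPv6 prefix is not checked at all, and on the no-cidr path `$node_cidr` is likewise undefined, so null is stored where the old code stored the posted value. The rewrite below rejects an unparseable address with `continue`, restricts the prefix to digits no larger than 32 (IPv4) or 128 (IPv6), and initialises `$node_cidr` to `''`; appending `/128` to a bare IPv6 address mirrors the existing `/32` handling and can be dropped if the consumer expects bare IPv6 addresses. The `is_array($array)` guard before `$database->save($array)` appears to be always true, since `$array['access_controls'][0][...]` is assigned unconditionally in the preceding hunk, and `node_domain`/`node_description` still pass through unchecked on the no-cidr path — I could not tell from this hunk whether they are validated elsewhere. The enclosing POST-handling block starts outside this hunk.
```php
//validate the data
if (!is_uuid($row["access_control_node_uuid"])) { continue; }
if ($row["node_type"] != 'allow' && $row["node_type"] != 'deny') { continue; }
$node_cidr = '';
if (isset($row["node_cidr"]) && $row["node_cidr"] != '') {
	$cidr_array = explode("/", str_replace("\\", "/", $row["node_cidr"]), 2);
	$address = $cidr_array[0];
	$prefix = $cidr_array[1] ?? null;
	if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
		$max_prefix = 32;
	}
	elseif (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
		$max_prefix = 128;
	}
	else {
		//neither a valid IPv4 nor a valid IPv6 address: reject the node
		continue;
	}
	if ($prefix === null) {
		//no prefix given: treat it as a single host
		$prefix = (string) $max_prefix;
	}
	if (!ctype_digit($prefix) || (int) $prefix > $max_prefix) {
		//the prefix must be an unsigned integer no larger than the address family allows
		continue;
	}
	$node_cidr = $address.'/'.(int) $prefix;

	//if the cidr is provided ignore the domain.
	$row["node_domain"] = '';
}

//build the sub array
// … unchanged: access_control_node_uuid and node_type assignments …
$array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $node_cidr;
// … unchanged: node_domain and node_description assignments, $y++, unset …
```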