diff --git a/lib/new_post_manager.rb b/lib/new_post_manager.rb
index 6fe08f93c4..3938a34ea4 100644
--- a/lib/new_post_manager.rb
+++ b/lib/new_post_manager.rb
@@ -119,6 +119,14 @@ class NewPostManager
           result.errors[:base] << I18n.t(:topic_not_found)
           return result
         end
+      elsif manager.args[:category]
+        category = Category.find_by_id(manager.args[:category])
+
+        unless manager.user.guardian.can_create_topic_on_category?(category)
+          result = NewPostResult.new(:created_post, false)
+          result.errors[:base] << I18n.t("js.errors.reasons.forbidden")
+          return result
+        end
       end
 
       result = manager.enqueue('default')
diff --git a/spec/components/new_post_manager_spec.rb b/spec/components/new_post_manager_spec.rb
index 347adbb132..094ed175c4 100644
--- a/spec/components/new_post_manager_spec.rb
+++ b/spec/components/new_post_manager_spec.rb
@@ -104,6 +104,24 @@ describe NewPostManager do
       end
     end
 
+    context 'with a high approval post count and secure category' do
+      it 'does not create topic' do
+        SiteSetting.approve_post_count = 100
+        user = Fabricate(:user)
+        category_group = Fabricate(:category_group, permission_type: 2)
+        group_user = Fabricate(:group_user, group: category_group.group, user_id: user.id)
+
+        manager = NewPostManager.new(
+          user,
+          raw: 'this is a new topic',
+          title: "Let's start a new topic!",
+          category: category_group.category_id
+        )
+
+        expect(manager.perform.errors["base"][0]).to eq(I18n.t("js.errors.reasons.forbidden"))
+      end
+    end
+
     context 'with a high trust level setting' do
       before do
         SiteSetting.approve_unless_trust_level = 4