diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 2873098a320..7a97ab46226 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -1282,6 +1282,7 @@ en:
 tl3_links_no_follow: "Do not remove rel=nofollow from links posted by trust level 3 users."
 min_trust_to_create_topic: "The minimum trust level required to create a new topic."
+ allow_staff_flags: "If enabled, users can flag posts from staff accounts."
 min_trust_to_edit_wiki_post: "The minimum trust level required to edit post marked as wiki."
diff --git a/config/site_settings.yml b/config/site_settings.yml
index f8ff2bb1a88..a10d7446eb6 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -900,6 +900,7 @@ trust:
 min_trust_to_post_links:
 default: 0
 enum: 'TrustLevelSetting'
+ allow_staff_flags: true
 tl1_requires_topics_entered: 5
 tl1_requires_read_posts:
 default: 30
diff --git a/lib/guardian/post_guardian.rb b/lib/guardian/post_guardian.rb
index 39f207b597b..3c822984f6d 100644
--- a/lib/guardian/post_guardian.rb
+++ b/lib/guardian/post_guardian.rb
@@ -21,6 +21,9 @@ module PostGuardian
 result = if authenticated? && post && !@user.anonymous?
+ # post made by staff, but we don't allow staff flags
+ return false if !SiteSetting.allow_staff_flags? && post.user.staff?
+ return false if [:notify_user, :notify_moderators].include?(action_key) && !SiteSetting.enable_personal_messages?
diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb
index d61502367f4..cb9ad968aec 100644
--- a/spec/components/guardian_spec.rb
+++ b/spec/components/guardian_spec.rb
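Review bot: In lib/guardian/post_guardian.rb the added guard `return false if !SiteSetting.allow_staff_flags? && post.user.staff?` never looks at `action_key`, so with the setting off it appears to refuse every post action on a staff post (the spec in this commit calls the same method with `:like`), not only the flags that the setting text and the comment describe. Restrict it to the flag action types, the way the following line restricts itself with `[:notify_user, :notify_moderators].include?(action_key)`. `post.user.staff?` also raises if a post can exist without a user, which is not visible here; `post.user&.staff?` would fall through to the remaining checks instead. The method containing this `result = if` block starts and ends outside the hunk, so whether a flag-type predicate is already in scope has to be checked there.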
@@ -66,11 +66,23 @@ describe Guardian do
 expect(Guardian.new(user).post_can_act?(post, :like)).to be_falsey
 end
- it "always allows flagging" do
+ it "allows flagging archived posts" do
 post.topic.archived = true
 expect(Guardian.new(user).post_can_act?(post, :spam)).to be_truthy
 end
+ it "allows flagging of staff posts when allow_staff_flags is true" do
+ SiteSetting.allow_staff_flags = true
+ staff_post = Fabricate(:post, user: Fabricate(:moderator))
+ expect(Guardian.new(user).post_can_act?(staff_post, :spam)).to be_truthy
+ end
+
+ it "doesn't allow flagging of staff posts when allow_staff_flags is false" do
+ SiteSetting.allow_staff_flags = false
+ staff_post = Fabricate(:post, user: Fabricate(:moderator))
+ expect(Guardian.new(user).post_can_act?(staff_post, :spam)).to eq(false)
+ end
+ it "returns false when liking yourself" do
 expect(Guardian.new(post.user).post_can_act?(post, :like)).to be_falsey
 end
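Review bot: Both new examples call `post_can_act?` with `:spam` only, so they pass whether the setting blocks flags or blocks every action on staff posts; nothing pins that non-flag actions on a staff post are unaffected when `allow_staff_flags` is false. Add an example for a non-flag action such as `:like`, and consider covering an admin author alongside the moderator. The expected value below assumes `user` may otherwise like the post, which depends on setup outside the hunk.

```ruby
it "still allows liking staff posts when allow_staff_flags is false" do
  SiteSetting.allow_staff_flags = false
  staff_post = Fabricate(:post, user: Fabricate(:moderator))
  expect(Guardian.new(user).post_can_act?(staff_post, :like)).to be_truthy
end
```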