diff --git a/services/web/app/src/Features/Subscription/SubscriptionController.mjs b/services/web/app/src/Features/Subscription/SubscriptionController.mjs
index f24e5a8dc8..0a1dd580f9 100644
--- a/services/web/app/src/Features/Subscription/SubscriptionController.mjs
+++ b/services/web/app/src/Features/Subscription/SubscriptionController.mjs
@@ -399,6 +399,14 @@ const pauseSubscriptionSchema = z.object({
  */
 async function pauseSubscription(req, res, next) {
   const user = SessionManager.getSessionUser(req.session)
+  const { variant } = await SplitTestHandler.promises.getAssignment(
+    req,
+    res,
+    'pause-subscription'
+  )
+  if (variant !== 'enabled') {
+    return HttpErrorHandler.forbidden(req, res)
+  }
   const { params } = parseReq(req, pauseSubscriptionSchema)
   const pauseCycles = params.pauseCycles
   if (pauseCycles < 0) {
diff --git a/services/web/test/unit/src/Subscription/SubscriptionController.test.mjs b/services/web/test/unit/src/Subscription/SubscriptionController.test.mjs
index 3902d5c8d4..e80b37165e 100644
--- a/services/web/test/unit/src/Subscription/SubscriptionController.test.mjs
+++ b/services/web/test/unit/src/Subscription/SubscriptionController.test.mjs
@@ -283,6 +283,10 @@ describe('SubscriptionController', function () {
           res.status(400)
           res.json({ message })
         }),
+        forbidden: sinon.stub().callsFake((req, res, message) => {
+          res.status(403)
+          res.json({ message })
+        }),
       }),
     }))
 
@@ -679,6 +683,12 @@ describe('SubscriptionController', function () {
   })
 
   describe('pauseSubscription', function () {
+    beforeEach(function (ctx) {
+      ctx.SplitTestV2Hander.promises.getAssignment
+        .withArgs(sinon.match.any, sinon.match.any, 'pause-subscription')
+        .resolves({ variant: 'enabled' })
+    })
+
     it('should throw an error if no pause length is provided', async function (ctx) {
       ctx.res = new MockResponse(vi)
       ctx.req = new MockRequest(vi)
@@ -713,6 +723,25 @@ describe('SubscriptionController', function () {
       )
       expect(ctx.res.statusCode).to.equal(200)
     })
+
+    it('should return a 403 when the pause-subscription feature flag is not enabled', async function (ctx) {
+      ctx.SplitTestV2Hander.promises.getAssignment
+        .withArgs(sinon.match.any, sinon.match.any, 'pause-subscription')
+        .resolves({ variant: 'default' })
+      ctx.res = new MockResponse(vi)
+      ctx.req = new MockRequest(vi)
+      ctx.req.params = { pauseCycles: '3' }
+      ctx.next = sinon.stub()
+      await ctx.SubscriptionController.pauseSubscription(
+        ctx.req,
+        ctx.res,
+        ctx.next
+      )
+      expect(ctx.res.statusCode).to.equal(403)
+      expect(
+        ctx.SubscriptionHandler.promises.pauseSubscription.called
+      ).to.equal(false)
+    })
   })
 
   describe('resumeSubscription', function () {