diff --git a/.changeset/callback-check-payments-enabled.md b/.changeset/callback-check-payments-enabled.md
new file mode 100644
index 00000000..560cf24f
--- /dev/null
+++ b/.changeset/callback-check-payments-enabled.md
@@ -0,0 +1,5 @@
+---
+"nostream": patch
+---
+
+fix: check payments.enabled in callback route middleware
diff --git a/src/routes/callbacks/index.ts b/src/routes/callbacks/index.ts
index c835c863..32d8b3e4 100644
--- a/src/routes/callbacks/index.ts
+++ b/src/routes/callbacks/index.ts
@@ -12,7 +12,7 @@ const router: Router = Router()
 const requireProcessor = (name: string) =>
   (_req: Request, res: Response, next: NextFunction) => {
     const settings = createSettings()
-    if (settings.payments?.processor !== name) {
+    if (!settings.payments?.enabled || settings.payments.processor !== name) {
       res.status(403).send('Forbidden')
       return
     }
diff --git a/test/integration/features/callbacks/opennode-callback.feature.ts b/test/integration/features/callbacks/opennode-callback.feature.ts
index 0678e580..74b5d780 100644
--- a/test/integration/features/callbacks/opennode-callback.feature.ts
+++ b/test/integration/features/callbacks/opennode-callback.feature.ts
@@ -36,8 +36,17 @@ Given('OpenNode callback processing is enabled', function () {
     ...settings,
     payments: {
       ...(settings?.payments ?? {}),
+      enabled: true,
       processor: 'opennode',
     },
+    paymentsProcessors: {
+      ...(settings?.paymentsProcessors ?? {}),
+      opennode: {
+        ...(settings?.paymentsProcessors?.opennode ?? {}),
+        baseURL: 'api.opennode.com',
+        callbackBaseURL: 'http://localhost:18808/callbacks/opennode',
+      },
+    },
   }
 
   process.env.OPENNODE_API_KEY = OPENNODE_TEST_API_KEY
diff --git a/test/unit/routes/callbacks.spec.ts b/test/unit/routes/callbacks.spec.ts
index 1a4bda27..d5195284 100644
--- a/test/unit/routes/callbacks.spec.ts
+++ b/test/unit/routes/callbacks.spec.ts
@@ -16,7 +16,7 @@ describe('callbacks router', () => {
     receivedBody = undefined
 
     createSettingsStub = Sinon.stub(settingsFactory, 'createSettings').returns({
-      payments: { processor: 'opennode' },
+      payments: { enabled: true, processor: 'opennode' },
     } as any)
 
     createOpenNodeCallbackControllerStub = Sinon.stub(openNodeControllerFactory, 'createOpenNodeCallbackController').returns({