diff --git a/config.ini.dist b/config.ini.dist
index 981ce051..d081ee30 100644
--- a/config.ini.dist
+++ b/config.ini.dist
@@ -23,8 +23,7 @@ user = bot
 pass = groovy123
 
 [service]
-# note: anonymous, admin and nobody are always reserved
-user_ranks = regular_user, power_user, mod
+user_ranks = anonymous, regular_user, power_user, mod, admin, nobody
 default_user_rank = regular_user
 users_per_page = 20
 posts_per_page = 40
@@ -53,7 +52,7 @@ users:edit:self:email = regular_user
 users:edit:self:avatar = regular_user
 users:edit:self:rank = mod
 users:delete:any = admin
-users:delete:self = restricted_user
+users:delete:self = regular_user
 
 posts:create:anonymous = regular_user
 posts:create:identified = regular_user
diff --git a/szurubooru/config.py b/szurubooru/config.py
index 8295bca3..e973f9e3 100644
--- a/szurubooru/config.py
+++ b/szurubooru/config.py
@@ -3,12 +3,36 @@
 import os
 import configobj
 
+class ConfigurationError(RuntimeError):
+    ''' A problem with config.ini file. '''
+    pass
+
 class Config(object):
     ''' INI config parser and container. '''
     def __init__(self):
         self.config = configobj.ConfigObj('config.ini.dist')
         if os.path.exists('config.ini'):
             self.config.merge(configobj.ConfigObj('config.ini'))
+        self._validate()
 
     def __getitem__(self, key):
         return self.config[key]
+
+    def _validate(self):
+        '''
+        Checks whether config.ini doesn't contain errors that might prove
+        lethal at runtime.
+        '''
+        all_ranks = self['service']['user_ranks']
+        for privilege, rank in self['privileges'].items():
+            if rank not in all_ranks:
+                raise ConfigurationError(
+                    'Rank %r for privilege %r is missing from user_ranks' % (
+                        rank, privilege))
+        for rank in ['anonymous', 'admin', 'nobody']:
+            if rank not in all_ranks:
+                raise ConfigurationError('Fixed rank %r is missing from user_ranks' % rank)
+        if self['service']['default_user_rank'] not in all_ranks:
+            raise ConfigurationError(
+                'Default rank %r is missing from user_ranks' % (
+                    self['service']['default_user_rank']))
diff --git a/szurubooru/services/auth_service.py b/szurubooru/services/auth_service.py
index f11a3560..638ce6f3 100644
--- a/szurubooru/services/auth_service.py
+++ b/szurubooru/services/auth_service.py
@@ -22,9 +22,7 @@ class AuthService(object):
         '''
         Throws an AuthError if the given user doesn't have given privilege.
         '''
-        all_ranks = ['anonymous'] \
-            + self._config['service']['user_ranks'] \
-            + ['admin', 'nobody']
+        all_ranks = self._config['service']['user_ranks']
 
         assert privilege_name in self._config['privileges']
         assert user.access_rank in all_ranks