diff --git a/AUTHORS b/AUTHORS
index 924849e76..fdbfb83d8 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -225,3 +225,4 @@ suggestions:
   Kevin Ballard
   Sitaram Chamarty
   lolilolicon
+  Lee Lieske
diff --git a/ChangeLog b/ChangeLog
index 0dbee3a44..82cc07734 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -166,6 +166,9 @@
   Richard Boß).
 - Fixed typo in 'newest' and 'oldest' report definitions (thanks to Richard Boß).
 - The 'diagnostics' command obeys color settings.
+- Support 'allow.empty.filter', defaulting to 'yes', but if 'no' disallows the
+  combination of a write command and an empty filter.  Ordinarily this is just a
+  warning that requires confirmation (thanks to Lee Lieske).
 
 ------ current release ---------------------------
 
diff --git a/NEWS b/NEWS
index 18d1c8ebe..f0564ee47 100644
--- a/NEWS
+++ b/NEWS
@@ -29,6 +29,8 @@ New configuration options in taskwarrior 2.4.0
   - The 'taskd.trust' setting is now a tri-state, supporting values 'strict',
     'ignore hostname' and 'allow all', for server certificate validation.
   - New themes: dark-default-16.theme, dark-gray-blue-256.theme
+  - The 'allow.empty.filter' setting can be set to 'no' to disallow the
+    potentially dangerous combination of write commands and empty filters.
 
 Newly deprecated features in taskwarrior 2.4.0
 
diff --git a/doc/man/taskrc.5.in b/doc/man/taskrc.5.in
index ba6aa8e69..2aabe8682 100644
--- a/doc/man/taskrc.5.in
+++ b/doc/man/taskrc.5.in
@@ -281,6 +281,13 @@ confirmation before deleting a task, performing bulk changes, or the undo
 command.  The default value is "yes".  Consider leaving this setting as "yes",
 for safety.
 
+.TP
+.B allow.empty.filter=yes
+An empty filter combined with a write command is potentially a way to modify
+all tasks by mistkae, and when this is detected, confirmation is required.
+Setting this to 'no' means that it is an error to use a write command with no
+filter.
+
 .TP
 .B indent.annotation=2
 Controls the number of spaces to indent annotations when shown beneath the
diff --git a/src/Config.cpp b/src/Config.cpp
index 4d5db705c..06f82b187 100644
--- a/src/Config.cpp
+++ b/src/Config.cpp
@@ -81,6 +81,7 @@ std::string Config::_defaults =
   "#                                              # Comma-separated list.  May contain any subset of:\n"
   "#verbose=blank,header,footnote,label,new-id,new-uuid,affected,edit,special,project,sync,filter\n"
   "confirmation=yes                               # Confirmation on delete, big changes\n"
+  "allow.empty.filter=yes                         # An empty filter gets a warning and requires confirmation\n"
   "indent.annotation=2                            # Indent spaces for annotations\n"
   "indent.report=0                                # Indent spaces for whole report\n"
   "row.padding=0                                  # Left and right padding for each row of report\n"
diff --git a/src/Filter.cpp b/src/Filter.cpp
index af0dc063a..d4c0e16d4 100644
--- a/src/Filter.cpp
+++ b/src/Filter.cpp
@@ -259,6 +259,9 @@ void Filter::safety ()
     {
       if (context.parser.getFilterExpression () == "")
       {
+        if (! context.config.getBoolean ("allow.empty.filter"))
+          throw std::string (STRING_TASK_SAFETY_ALLOW);
+
         // If user is willing to be asked, this can be avoided.
         if (context.config.getBoolean ("confirmation") &&
             confirm (STRING_TASK_SAFETY_VALVE))
diff --git a/src/commands/CmdShow.cpp b/src/commands/CmdShow.cpp
index 5ab03b2e5..dd08128b7 100644
--- a/src/commands/CmdShow.cpp
+++ b/src/commands/CmdShow.cpp
@@ -69,6 +69,7 @@ int CmdShow::execute (std::string& output)
   std::string recognized =
     " abbreviation.minimum"
     " active.indicator"
+    " allow.empty.filter"
     " avoidlastcolumn"
     " bulk"
     " burndown.bias"
diff --git a/src/eng-USA.h b/src/eng-USA.h
index aee957e9a..b82862342 100644
--- a/src/eng-USA.h
+++ b/src/eng-USA.h
@@ -842,6 +842,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Priority values may be 'H', 'M' or 'L', not '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "This command has no filter, and will modify all tasks.  Are you sure?"
 #define STRING_TASK_SAFETY_FAIL      "Command prevented from running."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " in {1} at line {2}"
diff --git a/src/esp-ESP.h b/src/esp-ESP.h
index 84a4cf0f0..ea1b0926d 100644
--- a/src/esp-ESP.h
+++ b/src/esp-ESP.h
@@ -854,6 +854,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Valores de prioridad pueden ser 'H', 'M' o 'L', no '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "Este comando no tiene filtro, y modificará todas las tareas. ¿Está seguro?"
 #define STRING_TASK_SAFETY_FAIL      "Se impidió la ejecución del comando."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " en {1} en la línea {2}"
diff --git a/src/fra-FRA.h b/src/fra-FRA.h
index d9e57bafb..0d08eca1f 100644
--- a/src/fra-FRA.h
+++ b/src/fra-FRA.h
@@ -841,6 +841,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Priority values may be 'H', 'M' or 'L', not '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "This command has no filter, and will modify all tasks.  Are you sure?"
 #define STRING_TASK_SAFETY_FAIL      "Command prevented from running."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " in {1} at line {2}"
diff --git a/src/ita-ITA.h b/src/ita-ITA.h
index ee496ed33..89cb314ee 100644
--- a/src/ita-ITA.h
+++ b/src/ita-ITA.h
@@ -842,6 +842,7 @@
 #define STRING_TASK_VALID_PRIORITY   "I valori di priorità possono essere 'H', 'M' o 'L', non '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "Questo comando non ha filtro, e modificherà tutti i task. Sicuro?"
 #define STRING_TASK_SAFETY_FAIL      "Prevenuta l'esecuzione del comando."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " in {1} alla linea {2}"
diff --git a/src/por-PRT.h b/src/por-PRT.h
index f54e29b3c..64cdcf5ee 100644
--- a/src/por-PRT.h
+++ b/src/por-PRT.h
@@ -842,6 +842,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Valores de prioridade podem ser 'A', 'M' ou 'B', não '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "Este comando não possui um filtro e irá modificar todas as tarefas. Tem a certeza?"
 #define STRING_TASK_SAFETY_FAIL      "Execução do comando abortada."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " em {1} na linha {2}"