diff --git a/CHANGELOG-EE b/CHANGELOG-EE
index 459e07352e672861cf296a8238de777912bd9fa2..e494253fa54c410c50a5dd5c3ea5fa3f97764101 100644
--- a/CHANGELOG-EE
+++ b/CHANGELOG-EE
@@ -1,6 +1,12 @@
 Please view this file on the master branch, on stable branches it's out of date.
 v 8.12.0 (Unreleased)
 
+v 8.11.5
+  - API: Restore backward-compatibility for POST /projects/:id/members when membership is locked
+
+v 8.11.4
+  - No EE-specific changes
+
 v 8.11.3
   - [ES] Add logging to indexer
   - Fix missing EE-specific service parameters for Jenkins CI
diff --git a/lib/api/members.rb b/lib/api/members.rb
index 94c16710d9a5b5cf0fa1ef89c90836ba1a11ebc9..ffb8aa94b314408298913199f58fca266ffac044 100644
--- a/lib/api/members.rb
+++ b/lib/api/members.rb
@@ -59,6 +59,12 @@ class Members < Grape::API
           authorize_admin_source!(source_type, source)
           required_attributes! [:user_id, :access_level]
 
+          ## EE specific
+          if source_type == 'project' && source.group && source.group.membership_lock
+            not_allowed!
+          end
+          ## EE specific
+
           access_requester = source.requesters.find_by(user_id: params[:user_id])
           if access_requester
             # We pass current_user = access_requester so that the requester doesn't
diff --git a/spec/requests/api/members_spec.rb b/spec/requests/api/members_spec.rb
index 1e365bf353a9e133de342456237ef9a65e379021..0163743df8da6786df33131204310d0937a0f854 100644
--- a/spec/requests/api/members_spec.rb
+++ b/spec/requests/api/members_spec.rb
@@ -162,6 +162,23 @@
     end
   end
 
+  ## EE specific
+  shared_examples 'POST /projects/:id/members with the project group membership locked' do
+    context 'project in a group' do
+      it 'returns a 405 method not allowed error when group membership lock is enabled' do
+        group_with_membership_locked = create(:group, membership_lock: true)
+        project = create(:project, group: group_with_membership_locked)
+        project.group.add_owner(master)
+
+        post api("/projects/#{project.id}/members", master),
+             user_id: developer.id, access_level: Member::MASTER
+
+        expect(response.status).to eq 405
+      end
+    end
+  end
+  ## EE specific
+
   shared_examples 'PUT /:sources/:id/members/:user_id' do |source_type|
     context "with :sources == #{source_type.pluralize}" do
       it_behaves_like 'a 404 response when source is private' do
@@ -292,6 +309,10 @@
     let(:source) { project }
   end
 
+  ## EE specific
+  it_behaves_like 'POST /projects/:id/members with the project group membership locked'
+  ## EE specific
+
   it_behaves_like 'POST /:sources/:id/members', 'group' do
     let(:source) { group }
   end