diff --git a/core/modules/statistics/src/Tests/StatisticsInvalidPostTest.php b/core/modules/statistics/src/Tests/StatisticsInvalidPostTest.php
new file mode 100644
index 0000000..a2056d4
--- /dev/null
+++ b/core/modules/statistics/src/Tests/StatisticsInvalidPostTest.php
@@ -0,0 +1,76 @@
+<?php
+
+namespace Drupal\statistics\Tests;
+
+use Drupal\simpletest\WebTestBase;
+use GuzzleHttp\Client;
+
+/**
+ * Tests posting to statistics.php with invalid values.
+ *
+ * @group statistics
+ */
+class StatisticsInvalidPostTest extends WebTestBase {
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  public static $modules = array('node', 'statistics');
+
+  /**
+   * The Guzzle HTTP client.
+   *
+   * @var \GuzzleHttp\Client;
+   */
+  protected $client;
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setUp() {
+    parent::setUp();
+    $this->client = new Client();
+    // Enable logging.
+    $this->config('statistics.settings')
+      ->set('count_content_views', 1)
+      ->save();
+  }
+
+  /**
+   * Test if nothing breaks when posting with invalid params.
+   */
+  public function testInvalidPost() {
+    global $base_url;
+
+    // Manually calling statistics.php.
+    $nid = 'a string instead of an integer';
+    $post = array('nid' => $nid);
+    $stats_path = $base_url . '/' . drupal_get_path('module', 'statistics') . '/statistics.php';
+    $this->client->post($stats_path, array('form_params' => $post));
+
+    $result = db_select('node_counter', 'n')
+      ->fields('n', array('nid'))
+      ->condition('n.nid', $nid)
+      ->execute()
+      ->fetchAssoc();
+    $this->assertEqual($result['nid'], array(), 'Verifying that nothing is written to the node_counter table.');
+
+
+    // An id greater than int(10), the maximum nid database limit.
+    $nid = 123456789012;
+    $post = array('nid' => $nid);
+    $stats_path = $base_url . '/' . drupal_get_path('module', 'statistics') . '/statistics.php';
+    $this->client->post($stats_path, array('form_params' => $post));
+
+    $result = db_select('node_counter', 'n')
+      ->fields('n', array('nid'))
+      ->condition('n.nid', $nid)
+      ->execute()
+      ->fetchAssoc();
+    $this->assertEqual($result['nid'], array(), 'Verifying that nothing is written to the node_counter table.');
+
+  }
+
+}
diff --git a/core/modules/statistics/statistics.php b/core/modules/statistics/statistics.php
index a43509e..dc8a613 100644
--- a/core/modules/statistics/statistics.php
+++ b/core/modules/statistics/statistics.php
@@ -22,7 +22,9 @@
   ->get('count_content_views');
 
 if ($views) {
-  $nid = filter_input(INPUT_POST, 'nid', FILTER_VALIDATE_INT);
+  $nid = filter_input(INPUT_POST, 'nid', FILTER_VALIDATE_INT, array(
+    "options" => array("min_range" => 0, "max_range" => 4294967295),
+  ));
   if ($nid) {
     $container->get('request_stack')->push(Request::createFromGlobals());
     $container->get('statistics.storage.node')->recordView($nid);