diff --git a/server/routes.py b/server/routes.py
index 2013756c..f89807a4 100644
--- a/server/routes.py
+++ b/server/routes.py
@@ -8,6 +8,16 @@ from . import faq as faq_util
+def safe_int(value, default=1):
+    """
+    Safely convert a value to integer, default to 1 if conversion fails.
+    """
+    try:
+        return int(value) if value else default
+    except (ValueError, TypeError):
+        return default
+
+
 @app.route("/")
 def index():
     return render_template(
@@ -89,11 +99,11 @@ def techreportlanding(page_id):
     requested_geo = request.args.get("geo") or "ALL"
     requested_rank = request.args.get("rank") or "ALL"
     requested_category = request.args.get("category") or "CMS"
-    requested_page = request.args.get("page") or 1
-    requested_page = int(requested_page)
+    requested_page = safe_int(
+        request.args.get("page")
+    ) # TODO: After security scanner is off, return 400 if not an int
     selected_techs = request.args.get("selected")
-    selected_rows = request.args.get("rows") or 10
-    selected_rows = str(selected_rows)
+    selected_rows = str(safe_int(request.args.get("rows"), default=10))
     last_page = request.args.get("last_page") or False
diff --git a/server/tests/routes_test.py b/server/tests/routes_test.py
index c2636241..51c2303d 100644
--- a/server/tests/routes_test.py
+++ b/server/tests/routes_test.py
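Review bot: The docstring of `safe_int` is already out of sync with its contract: it promises "default to 1", but `default` is a parameter and the second call site in the same commit passes `default=10`, and it does not say that an empty or `None` value (the `if value` branch) also yields the default rather than being parsed. Replace the three-line docstring with `"""Convert *value* to int; return *default* when it is empty/None or not a valid integer literal."""`. It is also worth stating in that docstring that sign and range are not checked, so callers know negative or very large values come back unchanged.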
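Review bot: `requested_page` and `selected_rows` are type-checked but not range-checked in techreportlanding: `page=0`, `page=-5` or `rows=-1` are accepted by `safe_int` and passed on unchanged, and the TODO comment indicates the 400 path is deferred, so nothing rejects them. The old code had the same gap, but since this commit introduces the validation helper it is the natural place to close it; how the two values are consumed is outside the hunk (techreportlanding continues past it), so an out-of-range page or row count may surface downstream as an empty result or an error rather than a clean 400. A minimal clamp is `requested_page = max(1, safe_int(request.args.get("page")))` and `selected_rows = str(max(1, safe_int(request.args.get("rows"), default=10)))`, or an upper bound on rows if the consumer has one. If clamping is not desired, the TODO should at least note that range validation is also pending.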
@@ -234,15 +234,25 @@ def test_tech_report_drilldown(client):
 def test_tech_report_drilldown_wordpress(client):
+    response = client.get("/reports/techreport/tech?tech=WordPress&geo=ALL&rank=ALL")
+    assert response.status_code == 200
+
+
+def test_tech_report_category(client):
+    response = client.get("/reports/techreport/category?geo=ALL&rank=ALL&category=CMS")
+    assert response.status_code == 200
+
+
+def test_tech_report_category_pages(client):
     response = client.get(
-        "/reports/techreport/tech?tech=WordPress&geo=ALL&rank=ALL"
+        "/reports/techreport/category?geo=ALL&rank=ALL&category=CMS&page=2"
     )
     assert response.status_code == 200
-def test_tech_report_category(client):
+def test_tech_report_category_pages_fallback(client):
     response = client.get(
-        "/reports/techreport/category?geo=ALL&rank=ALL&category=CMS"
+        "/reports/techreport/category?geo=ALL&rank=ALL&category=CMS&page=defaults_to_1"
     )
     assert response.status_code == 200
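Review bot: The new tests exercise the `page` fallback but not the `rows` fallback that the same commit changed in routes.py, and none of them covers a numeric-but-out-of-range value such as `page=0`, which `safe_int` accepts as-is. Add a sibling test mirroring `test_tech_report_category_pages_fallback`, e.g. `def test_tech_report_category_rows_fallback(client):` / `response = client.get("/reports/techreport/category?geo=ALL&rank=ALL&category=CMS&rows=not_an_int")` / `assert response.status_code == 200`, and one with `page=0` or `page=-1`. Both fallback tests only check the status code; if the rendered page exposes the effective page or row count, asserting on that would actually prove the default was applied rather than the request merely not crashing.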