From 2303b29e68d16fbf0a173ab2b4b0ac736041905c Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 28 Jan 2023 23:15:28 +0100
Subject: Document cleaning the logs for passwords (#5050)

Follow up of https://github.com/FreshRSS/FreshRSS/pull/5001
---
 docs/en/admins/10_ServerConfig.md | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs')

diff --git a/docs/en/admins/10_ServerConfig.md b/docs/en/admins/10_ServerConfig.md
index 6c5823a2d..87bd74d09 100644
--- a/docs/en/admins/10_ServerConfig.md
+++ b/docs/en/admins/10_ServerConfig.md
@@ -1,8 +1,13 @@
 # Apache/Nginx Configuration Files
 
+> ℹ️ For improved security, remove sensitive information in the Web server logs by using our [`sensitive-log.sh` script](https://github.com/FreshRSS/FreshRSS/blob/edge/cli/sensitive-log.sh),
+on the model of our [reference Apache configuration](https://github.com/FreshRSS/FreshRSS/blob/edge/Docker/FreshRSS.Apache.conf) used for our official Docker images
+(see [`CustomLog`](https://httpd.apache.org/docs/current/mod/mod_log_config.html#customlog)).
+
 ## Apache configuration
 
 This is an example Apache virtual hosts configuration file. It covers HTTP and HTTPS configuration.
+For more details, check our [reference Apache configuration](https://github.com/FreshRSS/FreshRSS/blob/edge/Docker/FreshRSS.Apache.conf) used for our official Docker images.
 
 ```apache
 <VirtualHost *:80>
@@ -24,6 +29,7 @@ This is an example Apache virtual hosts configuration file. It covers HTTP and H
 	</Directory>
 
 	ErrorLog ${APACHE_LOG_DIR}/freshrss_error.log
+	# Consider piping the logs for cleaning passwords; cf. comment higher up.
 	CustomLog ${APACHE_LOG_DIR}/freshrss_access.log combined
 
 	AllowEncodedSlashes On
-- 
cgit v1.2.3