From 607adf44f3fc609d2d49495468a61306d2fb0bd5 Mon Sep 17 00:00:00 2001 From: shamoon <4887959+shamoon@users.noreply.github.com> Date: Sun, 4 Feb 2024 14:20:48 -0800 Subject: [PATCH] Documentation: Make remote-user warning clearer, maybe --- docs/configuration.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index b68198619..f5ffbf9b0 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -452,11 +452,12 @@ applications. This will allow authentication by simply adding a `Remote-User: ` header to a request. Use with care! You - especially *must: ensure that any such header is not passed from - your proxy server to paperless. + especially *must* ensure that any such header is not passed from + external requests to your reverse-proxy to paperless (that would + effectively bypass all authentication). - If you're exposing paperless to the internet directly, do not use - this. + If you're exposing paperless to the internet directly (i.e. + without a reverse proxy), do not use this. Also see the warning [in the official documentation](https://docs.djangoproject.com/en/4.1/howto/auth-remote-user/#configuration).
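
Review bot: In the added sentence "not passed from external requests to your reverse-proxy to paperless", the chained "from ... to ... to" still leaves it unclear which hop has to drop the header, and the warning never says what the admin should configure. Since the paragraph itself says a request is authenticated "by simply adding a `Remote-User: ` header", consider stating the required proxy behaviour directly, for example: "Your reverse proxy must remove or overwrite any `Remote-User` header supplied by the client before forwarding the request to paperless; otherwise all authentication is effectively bypassed." The second changed sentence could likewise read "without a reverse proxy that controls this header", because by the first sentence a proxy that forwards the client's header unchanged gives no protection.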