From 926057153a0e7f57065ea000704008b8133b069d Mon Sep 17 00:00:00 2001
From: Josh Richards <josh.t.richards@gmail.com>
Date: Thu, 8 Jun 2023 10:11:48 -0400
Subject: [PATCH] (hardening and security) Add disabling debug mode
 recommendation

Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
---
 admin_manual/installation/harden_server.rst | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/admin_manual/installation/harden_server.rst b/admin_manual/installation/harden_server.rst
index 5cfecc6c3..6c5b74f16 100644
--- a/admin_manual/installation/harden_server.rst
+++ b/admin_manual/installation/harden_server.rst
@@ -88,6 +88,15 @@ setting the ``enable_previews`` switch to ``false`` in ``config.php``. As an
 administrator you are also able to manage which preview providers are enabled by 
 modifying the ``enabledPreviewProviders`` option switch.
 
+Disable Debug Mode
+^^^^^^^^^^^^^^^^^^
+
+Verify that ``debug`` is ``false`` in your ``config.php``. The default is ``false`` 
+in new installations (or when not specified). It should not be enabled in production 
+environments or outside of targeted troubleshooting situations. When enabled, things 
+like server-wide WebDAV collection listings are permitted. It is intended for local 
+development and usage in controlled environments only.
+
 .. _use_https_label:
 
 Use HTTPS