From 9176414ba4a9fffc4649cd2ce1f525de41755c16 Mon Sep 17 00:00:00 2001
From: Unrud <unrud@outlook.com>
Date: Wed, 23 Aug 2017 00:38:28 +0200
Subject: [PATCH] Add note about security when using X-Remote-User

---
 proxy.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/proxy.md b/proxy.md
index 285afc57..a425a950 100644
--- a/proxy.md
+++ b/proxy.md
@@ -41,6 +41,9 @@ location /radicale/ {
 }
 ```
 
+**Security:** Untrusted clients should not be able to access the Radicale
+server directly. Otherwise, they can authenticate as any user.
+
 ## Secure connection between Radicale and the reverse proxy
 SSL certificates can be used to encrypt and authenticate the connection between
 Radicale and the reverse proxy. First you have to generate a certificate for