X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/3ad4d93e33284ad6d51d2fa5f9abf1943b894d48..4ad7c9d6257ca106b2949d22f6300823190991a0:/doc/security.mdwn

diff --git a/doc/security.mdwn b/doc/security.mdwn
index dc763ef40..9d7702dde 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -134,7 +134,9 @@ file not be world readable.
 
 Login to the wiki involves sending a password in cleartext over the net.
 Cracking the password only allows editing the wiki as that user though.
-If you care, you can use https, I suppose.
+If you care, you can use https, I suppose. If you do use https either for
+all of the wiki, or just the cgi access, then consider using the sslcookie
+option.
 
 ## XSS holes in CGI output