diff --git a/contrib/i2pd.conf b/contrib/i2pd.conf
index c65d2bee..c8baa046 100644
--- a/contrib/i2pd.conf
+++ b/contrib/i2pd.conf
@@ -122,6 +122,8 @@ port = 7070
 ## Path to web console, default "/"
 # webroot = /
 ## Uncomment following lines to enable Web Console authentication
+## You should not use Web Console via public networks without additional encryption.
+## HTTP authentication is not encryption layer!
 # auth = true
 # user = i2pd
 # pass = changeme
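Review bot: The added warning above `# auth = true` says what not to do but gives no remedy, and it sits right over `# pass = changeme`, which an operator may uncomment unchanged. I would reword the second line to `## HTTP authentication is not an encryption layer: over plain HTTP the credentials and console pages are readable on the network path.` and add `## For remote access use a TLS reverse proxy or an SSH tunnel, and replace the sample password below.` The listen-address setting for the console is outside this hunk, so I cannot tell whether the default already keeps it on loopback. If it does, saying so here would help readers judge when the warning applies.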
@@ -139,6 +141,8 @@ port = 4444
 ## Optional keys file for proxy local destination
 # keys = http-proxy-keys.dat
 ## Enable address helper for adding .i2p domains with "jump URLs" (default: true)
+## You should disable this feature if your i2pd HTTP Proxy is public,
+## because anyone could spoof the short domain via addresshelper and forward other users to phishing links
 # addresshelper = true
 ## Address of a proxy server inside I2P, which is used to visit regular Internet
 # outproxy = http://false.i2p
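Review bot: The new warning tells operators of a public proxy to disable address helper, but the sample under it is still `# addresshelper = true` and the header line gives the default as true, so uncommenting the sample leaves the feature on. Name the value to set, for example `## If other users can reach this HTTP proxy, set addresshelper = false:` followed by `## an address helper link can bind a short .i2p name to a destination chosen by whoever made the link.` That wording also drops "spoof the short domain", which is hard to parse, and keeps each comment line close to the length of the surrounding ones.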