diff --git a/README b/README
index 37a313a..f8a02e5 100644
--- a/README
+++ b/README
@@ -29,3 +29,31 @@ HOW TO CHANGE SETTINGS AFTER INITIAL SETUP
ADMIN ACCOUNT
==================================================
The admin account is 'admin' with password 'onj'. To change the password, either manually do it in the database (ugly) or edit the dbinit.sql file before running setup
+==================================================
+
+ADDING SECURITY FEATURE
+While setting up onj using apache server, prevent access to files/directories by following these instructions:
+
+Open the file /etc/apache2/apache2.conf
+
+Insert the following lines of code:
+
+
+ Order Deny,Allow
+ Deny from all
+
+
+
+
+ Order Deny,Allow
+ Deny from all
+
+
+
+
+ Order Deny,Allow
+ Deny from all
+
+
+==================================================
+