+# 4.3. enable-remote-toggle
+# =========================
+#
+# Specifies:
+#
+# Whether or not the web-based toggle feature may be used
+#
+# Type of value:
+#
+# 0 or 1
+#
+# Default value:
+#
+# 1
+#
+# Effect if unset:
+#
+# The web-based toggle feature is disabled.
+#
+# Notes:
+#
+# When toggled off, Privoxy acts like a normal, content-neutral
+# proxy, i.e. it acts as if none of the actions applied to any
+# URL.
+#
+# For the time being, access to the toggle feature can not be
+# controlled separately by "ACLs" or HTTP authentication, so that
+# everybody who can access Privoxy (see "ACLs" and listen-address
+# above) can toggle it for all users. So this option is not
+# recommended for multi-user environments with untrusted users.
+#
+# Note that you must have compiled Privoxy with support for this
+# feature, otherwise this option has no effect.
+#
+enable-remote-toggle 1
+
+
+# 4.4. enable-edit-actions
+# ========================
+#
+# Specifies:
+#
+# Whether or not the web-based actions file editor may be used
+#
+# Type of value:
+#
+# 0 or 1
+#
+# Default value:
+#
+# 1
+#
+# Effect if unset:
+#
+# The web-based actions file editor is disabled.
+#
+# Notes:
+#
+# For the time being, access to the editor can not be controlled
+# separately by "ACLs" or HTTP authentication, so that everybody
+# who can access Privoxy (see "ACLs" and listen-address above) can
+# modify its configuration for all users. So this option is not
+# recommended for multi-user environments with untrusted users.
+#
+# Note that you must have compiled Privoxy with support for this
+# feature, otherwise this option has no effect.
+#
+enable-edit-actions 1
+
+
+# 4.5. ACLs: permit-access and deny-access
+# ========================================
+#
+# Specifies:
+#
+# Who can access what.
+#
+# Type of value:
+#
+# src_addr[/src_masklen] [dst_addr[/dst_masklen]]
+#
+# Where src_addr and dst_addr are IP addresses in dotted decimal
+# notation or valid DNS names, and src_masklen and dst_masklen are
+# subnet masks in CIDR notation, i.e. integer values from 2 to 32
+# representing the length (in bits) of the network address. The
+# masks and the whole destination part are optional.
+#
+# Default value:
+#
+# Unset
+#
+# Effect if unset:
+#
+# Don't restrict access further than implied by listen-address
+#
+# Notes:
+#
+# Access controls are included at the request of ISPs and systems
+# administrators, and are not usually needed by individual users.
+# For a typical home user, it will normally suffice to ensure that
+# Privoxy only listens on the localhost or internal (home) network
+# address by means of the listen-address option.
+#
+# Please see the warnings in the FAQ that this proxy is not
+# intended to be a substitute for a firewall or to encourage anyone
+# to defer addressing basic security weaknesses.
+#
+# Multiple ACL lines are OK. If any ACLs are specified, then the
+# Privoxy talks only to IP addresses that match at least one
+# permit-access line and don't match any subsequent deny-access
+# line. In other words, the last match wins, with the default being
+# deny-access.
+#
+# If Privoxy is using a forwarder (see forward below) for a
+# particular destination URL, the dst_addr that is examined is the
+# address of the forwarder and NOT the address of the ultimate
+# target. This is necessary because it may be impossible for the
+# local Privoxy to determine the IP address of the ultimate target
+# (that's often what gateways are used for).
+#
+# You should prefer using IP addresses over DNS names, because the
+# address lookups take time. All DNS names must resolve! You can
+# not use domain patterns like "*.org" or partial domain names. If
+# a DNS name resolves to multiple IP addresses, only the first one
+# is used.
+#
+# Denying access to particular sites by ACL may have undesired side
+# effects if the site in question is hosted on a machine which also
+# hosts other sites.
+#
+# Examples:
+#
+# Explicitly define the default behavior if no ACL and
+# listen-address are set: "localhost" is OK. The absence of a
+# dst_addr implies that all destination addresses are OK:
+#
+# permit-access localhost
+#
+#
+# Allow any host on the same class C subnet as www.privoxy.org
+# access to nothing but www.example.com:
+#
+# permit-access www.privoxy.org/24 www.example.com/32
+#
+#
+# Allow access from any host on the 26-bit subnet 192.168.45.64 to
+# anywhere, with the exception that 192.168.45.73 may not access
+# www.dirty-stuff.example.com:
+#
+# permit-access 192.168.45.64/26
+# deny-access 192.168.45.73 www.dirty-stuff.example.com
+#
+