+ <para>
+ If disclosure of the password is a compliance issue consider blocking
+ the relevant CGI requests after enabling the <link linkend="enforce-blocks">enforce-blocks</link>
+ and <link linkend="allow-cgi-request-crunching">allow-cgi-request-crunching</link>.
+ </para>
+ </warning>