From ae3ce1220b57d07c5405a8fc582c86cc9f7b13f4 Mon Sep 17 00:00:00 2001
From: Yamila Moreno <yamila.moreno@kaleidos.net>
Date: Wed, 9 Apr 2025 10:05:18 +0200
Subject: [PATCH] :whale: Improve https documentation

---
 docs/technical-guide/getting-started/docker.md | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/docs/technical-guide/getting-started/docker.md b/docs/technical-guide/getting-started/docker.md
index 5b6e57993..153817cd9 100644
--- a/docs/technical-guide/getting-started/docker.md
+++ b/docs/technical-guide/getting-started/docker.md
@@ -151,9 +151,19 @@ Postgres database and another one for the assets uploaded by your users (images
 clips). There may be more volumes if you enable other features, as explained in the file
 itself.
 
-## Configure the proxy
+## Configure the proxy and HTTPS
 
-Your host configuration needs to make a proxy to http://localhost:9001.
+We strongly recommend to use Penpot under HTTPS/SSL. When you configure the proxy, your host configuration needs to make a proxy to http://localhost:9001.
+
+<p class="advice">
+    If you plan to serve Penpot under different domain than `localhost` without HTTPS,
+    you need to disable the `secure` flag on cookies, with the `disable-secure-session-cookies` flag.
+    This is a configuration NOT recommended for production environments; as some browser APIs do
+    not work properly under non-https environments, this unsecure configuration
+    may limit the usage of Penpot; as an example, the clipboard does not work with HTTP.
+</p>
+
+Below, you can see three examples with three different proxys:
 
 ### Example with NGINX