diff --git a/config/global.ini.php b/config/global.ini.php
index 9fc7064a9b1a0b7303d9b51a8cd0a54ed4f79920..71d3345436b0d04da408adf82313317c1c77ca33 100644
--- a/config/global.ini.php
+++ b/config/global.ini.php
@@ -570,7 +570,9 @@ use_third_party_id_cookie = 0
 debug = 0
 
 ; This option is an alternative to the debug option above. When set to 1, you can debug tracker request by adding
-; a debug=1 query paramater in the URL. All other HTTP requests will not have debug enabled.
+; a debug=1 query paramater in the URL. All other HTTP requests will not have debug enabled. For security reasons this
+; option should be only enabled if really needed and only for a short time frame. Otherwise anyone can set debug=1 and
+; see the log output as well.
 debug_on_demand = 0
 
 ; This setting is described in this FAQ: http://piwik.org/faq/how-to/faq_175/