diff --git a/docs/docs/guides/reverse_proxy.md b/docs/docs/guides/reverse_proxy.md
index 26ca1f825..0a06e4047 100644
--- a/docs/docs/guides/reverse_proxy.md
+++ b/docs/docs/guides/reverse_proxy.md
@@ -51,17 +51,27 @@ Here we access Frigate via https://cctv.mydomain.co.uk
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://frigatepi.local:5000/$1 [P,L]
-Installing SSL is beyond the scope of this document but [Let's Encrypt](https://letsencrypt.org/) is a widely used approach.
+```
+
+### Step 2: Use SSL to encrypt access to your Frigate instance
+
+Whilst this won't, on its own, stop access to your Frigate webserver it will encrypt all content (such as login credentials).
+Installing SSL is beyond the scope of this document but [Let's Encrypt](https://letsencrypt.org/) is a widely used approach.
+This Apache2 configuration snippet then results in unencrypted requests being redirected to the webserver SSL port
-This Apache2 configuration snippet then results in unencrypted requests being redirected to webserver SSL port
```xml
- ServerName cctv.mydomain.co.uk
-
- RewriteEngine on
- RewriteCond %{SERVER_NAME} =cctv.mydomain.co.uk
- RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+ServerName cctv.mydomain.co.uk
+RewriteEngine on
+RewriteCond %{SERVER_NAME} =cctv.mydomain.co.uk
+RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+```
+
+### Step 3: Authenticate users at the proxy
+
+There are many ways to authenticate a website but a straightforward approach is to use [Apache2 password files](https://httpd.apache.org/docs/2.4/howto/auth.html).
+
```xml
@@ -71,4 +81,4 @@ This Apache2 configuration snippet then results in unencrypted requests being re
Require user paul
-```
\ No newline at end of file
+```