Merge pull request #4289 from magento/em_magento-mc15537

Updating the configure the magento application topic

Author: erikmarr

guides/v2.1/install-gde/install/post-install-config.md

@@ -23,7 +23,7 @@ Immediately after finishing your Magento installation, set up a *crontab* for th
 
 For more information about cron, including how to remove a crontab and run cron from the command line, see [Configure and run cron]({{ page.baseurl }}/config-guide/cli/config-cli-subcommands-cron.html).
 
-## Security settings {#post-install-secy}
+## Security settings and recommendations {#post-install-secy}
 
 After installation, we recommend the following:
 
@@ -33,6 +33,8 @@ After installation, we recommend the following:
 *	Take precautions against cross-site scripting (XSS) by [securing your templates]({{ page.baseurl }}/frontend-dev-guide/templates/template-security.html)
 <!-- Set up roles and restricted users (Admin) -->
 
+If you installed by [cloning the Magento repository]({{page.baseurl}}/install-gde/prereq/dev_install.html), make sure that when you deploy Magento, you only include files and folders that are required for the production environment. Files and folders that are not required can potentially expose security risks.
+
 ## Enable Apache server rewrites {#post-install-rewrites}
 
 If you use the Apache web server, you must enable server rewrites for pages to display properly. Otherwise, you'll see pages without styles and other issues.

guides/v2.2/install-gde/install/post-install-config.md

@@ -21,7 +21,7 @@ cron—the UNIX task scheduler—is critical to Magento's day-to-day ope
 
 For more information about cron, including how to remove a crontab and run cron from the command line, see [Configure and run cron]({{ page.baseurl }}/config-guide/cli/config-cli-subcommands-cron.html).
 
-## Security settings {#post-install-secy}
+## Security settings and recommendations {#post-install-secy}
 
 After installation, we recommend the following:
 
@@ -31,6 +31,8 @@ After installation, we recommend the following:
 *	Take precautions against cross-site scripting (XSS) by [securing your templates]({{ page.baseurl }}/frontend-dev-guide/templates/template-security.html)
 <!-- Set up roles and restricted users (Admin) -->
 
+If you installed by [cloning the Magento repository]({{page.baseurl}}/install-gde/prereq/dev_install.html), make sure that when you deploy Magento, you only include files and folders that are required for the production environment. Files and folders that are not required can potentially expose security risks.
+
 ## Enable Apache server rewrites {#post-install-rewrites}
 
 If you use the Apache web server, you must enable server rewrites for pages to display properly. Otherwise, you'll see pages without styles and other issues.

guides/v2.3/install-gde/install/post-install-config.md

@@ -17,7 +17,7 @@ cron—the UNIX task scheduler—is critical to Magento's day-to-day ope
 
 For more information about cron, including how to remove a crontab and run cron from the command line, see [Configure and run cron]({{ page.baseurl }}/config-guide/cli/config-cli-subcommands-cron.html).
 
-## Security settings {#post-install-secy}
+## Security settings and recommendations {#post-install-secy}
 
 After installation, we recommend the following:
 
@@ -27,6 +27,8 @@ After installation, we recommend the following:
 *	Take precautions against cross-site scripting (XSS) by [securing your templates]({{page.baseurl}}/frontend-dev-guide/templates/template-security.html)
 <!-- Set up roles and restricted users (Admin) -->
 
+If you installed by [cloning the Magento repository]({{page.baseurl}}/install-gde/prereq/dev_install.html), make sure that when you deploy Magento, you only include files and folders that are required for the production environment. Files and folders that are not required can potentially expose security risks.
+
 ## Enable Apache server rewrites {#post-install-rewrites}
 
 If you use the Apache web server, you must enable server rewrites for pages to display properly. Otherwise, you'll see pages without styles and other issues.