diff --git a/_posts/10-05-01-Configuration-Files.md b/_posts/10-05-01-Configuration-Files.md
index e864bda..afb7c0b 100644
--- a/_posts/10-05-01-Configuration-Files.md
+++ b/_posts/10-05-01-Configuration-Files.md
@@ -13,4 +13,5 @@ via the file system.
 - If you must store your configuration files in the document root, name the files with a `.php` extension. This ensures
 that, even if the script is accessed directly, it will not be output as plain text.
 - Information in configuration files should be protected accordingly, either through encryption or group/user file
-system permissions
\ No newline at end of file
+system permissions.
+- It is a good idea to ensure that you do not commit configuration files containing sensitive information eg passwords or API tokens to source control.