diff --git a/fc.toml b/fc.toml
index 8aec5a4..fd5c979 100644
--- a/fc.toml
+++ b/fc.toml
@@ -1,6 +1,5 @@
 # FC CI Configuration File
 # This file contains default configuration for all FC CI components
-
 [database]
 connect_timeout = 30
 idle_timeout    = 600
@@ -16,6 +15,11 @@ max_body_size   = 10485760    # 10MB
 port            = 3000
 request_timeout = 30
 
+# Security options
+# force_secure_cookies = true # enable when behind HTTPS reverse proxy (nginx/caddy)
+# rate_limit_rps       = 100  # requests per second per IP (prevents DoS)
+# rate_limit_burst     = 20   # burst size before rate limit enforcement
+
 [evaluator]
 allow_ifd     = false
 git_timeout   = 600