[ci skip] Add more info about security reporting to docs
diff --git a/user_guide_src/source/contributing/index.rst b/user_guide_src/source/contributing/index.rst
index 0112ca0..5966070 100644
--- a/user_guide_src/source/contributing/index.rst
+++ b/user_guide_src/source/contributing/index.rst
@@ -29,12 +29,24 @@
Support
*******
-Note that GitHub is not for general support questions!
+Please note that GitHub is not for general support questions! If you are
+having trouble using a feature of CodeIgniter, ask for help on our
+`forums <http://forum.codeigniter.com/>`_ instead.
-If you are having trouble using a feature of CodeIgniter, ask for help on the forum.
+If you are not sure whether you are using something correctly or if you
+have found a bug, again - please ask on the forums first.
-If you are wondering if you are using
-something correctly or if you have found a bug, ask on the forum first.
+********
+Security
+********
+
+Did you find a security issue in CodeIgniter?
+
+Please *don't* disclose it publicly, but e-mail us at security@codeigniter.com,
+or report it via our page on `HackerOne <https://hackerone.com/codeigniter>`_.
+
+If you've found a critical vulnerability, we'd be happy to credit you in our
+`ChangeLog <../changelog>`.
****************************
Tips for a Good Issue Report
diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst
index d4120d1..8afdaca 100644
--- a/user_guide_src/source/general/security.rst
+++ b/user_guide_src/source/general/security.rst
@@ -5,6 +5,9 @@
This page describes some "best practices" regarding web security, and
details CodeIgniter's internal security features.
+.. note:: If you came here looking for a security contact, please refer to
+ our `Contribution Guide <../contributing/index>`.
+
URI Security
============