diff --git a/admin_manual/configuration_server/bruteforce_configuration.rst b/admin_manual/configuration_server/bruteforce_configuration.rst
index 1400d7e8fe6..f0d99bfeae1 100644
--- a/admin_manual/configuration_server/bruteforce_configuration.rst
+++ b/admin_manual/configuration_server/bruteforce_configuration.rst
@@ -22,6 +22,15 @@ The maximum delay is 25 seconds.
 After a successful login the attempts will be cleared. And once a user is
 properly authenticated they will no longer be hit by the delay.
 
+Exclude IP addresses from brute force protection
+------------------------
+
+It's possible to exlude IP addresses from the brute force protection.
+
+- Enable the bruteforcesettings app
+- Login as admin and go to Administration settings -> Security
+
+Note that any excluded IP address can perform authentication attempts without any throttling.  Its best to exclude as few IP addresses as you can, or even none at all. 
 
 Troubleshooting
 ---------------