docs: add auth warning for exposing ports (#8029)

* docs: update authentication guide with security warnings

* reference-auth-section

* auth

docs/docs/Configuration/configuration-authentication.md

@@ -8,15 +8,20 @@ import TabItem from '@theme/TabItem';
 
 This guide covers Langflow's authentication system and API key management, including how to secure your deployment and manage access to flows and components.
 
-:::tip
-The Langflow project includes a [`.env.example`](https://github.com/langflow-ai/langflow/blob/main/.env.example) file to help you get started.
-You can copy the contents of this file into your own `.env` file and replace the example values with your own preferred settings.
+:::warning
+Never expose Langflow ports directly to the internet without proper security measures.
+
+Disable `LANGFLOW_AUTO_LOGIN`, use a secure `LANGFLOW_SECRET_KEY`, and ensure your Langflow server is behind a reverse proxy with authentication enabled.
+For more information, see [Start a secure Langflow server with authentication](#start-a-secure-langflow-server-with-authentication).
 :::
 
 ## Authentication configuration values
 
 The section describes the available authentication configuration variables.
 
+The Langflow project includes a [`.env.example`](https://github.com/langflow-ai/langflow/blob/main/.env.example) file to help you get started.
+You can copy the contents of this file into your own `.env` file and replace the example values with your own preferred settings.
+
 ### LANGFLOW_AUTO_LOGIN
 
 When `True`, Langflow automatically logs users in with username `langflow` and password `langflow` without requiring user authentication.