diff --git a/guide/install.md b/guide/install.md
index 197269c..b97ab60 100644
--- a/guide/install.md
+++ b/guide/install.md
@@ -71,10 +71,10 @@ $ sudo chmod a+rx /usr/local/bin/nvr
 ```toml
 [[binds]]
 ipv4 = "0.0.0.0:8080"
+allow_unauthenticated_permissions = { view_video = true }
 
 [[binds]]
 unix = "/var/lib/moonfire-nvr/sock"
-allow_unauthenticated_permissions = { view_video = true }
 own_uid_is_privileged = true
 ```
 
diff --git a/guide/secure.md b/guide/secure.md
index 965591c..41ae2ef 100644
--- a/guide/secure.md
+++ b/guide/secure.md
@@ -178,7 +178,7 @@ This change has two effects:
 
    * No `allow_unauthenticated_permissions` means that web users must 
      authenticate.
-   * `trust-forward-headers` means that Moonfire NVR will look for `X-Real-IP`
+   * `trust_forward_headers` means that Moonfire NVR will look for `X-Real-IP`
      and `X-Forwarded-Proto` headers as added by the webserver configuration
      in the next section.