diff --git a/security.rst b/security.rst
index 90c0024266d..70cd2d111e1 100644
--- a/security.rst
+++ b/security.rst
@@ -715,6 +715,9 @@ URL pattern. You saw this earlier, where anything matching the regular expressio
                 # require ROLE_ADMIN for /admin*
                 - { path: '^/admin', roles: ROLE_ADMIN }
 
+                # or require ROLE_ADMIN and IS_AUTHENTICATED_FULLY for /admin*
+                - { path: '^/admin', roles: [IS_AUTHENTICATED_FULLY, ROLE_ADMIN] }
+
                 # the 'path' value can be any valid regular expression
                 # (this one will match URLs like /api/post/7298 and /api/comment/528491)
                 - { path: ^/api/(post|comment)/\d+$, roles: ROLE_USER }
@@ -739,6 +742,12 @@ URL pattern. You saw this earlier, where anything matching the regular expressio
                 <!-- require ROLE_ADMIN for /admin* -->
                 <rule path="^/admin" role="ROLE_ADMIN"/>
 
+                <!-- require ROLE_ADMIN and IS_AUTHENTICATED_FULLY for /admin* -->
+                <rule path="^/admin">
+                    <role>ROLE_ADMIN</role>
+                    <role>IS_AUTHENTICATED_FULLY</role>
+                </rule>
+
                 <!-- the 'path' value can be any valid regular expression
                      (this one will match URLs like /api/post/7298 and /api/comment/528491) -->
                 <rule path="^/api/(post|comment)/\d+$" role="ROLE_USER"/>
@@ -761,6 +770,9 @@ URL pattern. You saw this earlier, where anything matching the regular expressio
                 // require ROLE_ADMIN for /admin*
                 ['path' => '^/admin', 'roles' => 'ROLE_ADMIN'],
 
+                // require ROLE_ADMIN and IS_AUTHENTICATED_FULLY for /admin*
+                ['path' => '^/admin', 'roles' => ['ROLE_ADMIN', 'IS_AUTHENTICATED_FULLY']],
+
                 // the 'path' value can be any valid regular expression
                 // (this one will match URLs like /api/post/7298 and /api/comment/528491)
                 ['path' => '^/api/(post|comment)/\d+$', 'roles' => 'ROLE_USER'],

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/12538.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/12538.diff" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/12538.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/12538.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>