diff --git a/docs/deployment/hosting-repositories.rst b/docs/deployment/hosting-repositories.rst
index 7cc52ae3b..66d3b7357 100644
--- a/docs/deployment/hosting-repositories.rst
+++ b/docs/deployment/hosting-repositories.rst
@@ -1,5 +1,6 @@
 .. include:: ../global.rst.inc
 .. highlight:: none
+.. _hosting_repositories:
 
 Hosting repositories
 ====================
diff --git a/docs/faq.rst b/docs/faq.rst
index e95d4738a..e790e3a49 100644
--- a/docs/faq.rst
+++ b/docs/faq.rst
@@ -557,6 +557,8 @@ These are your options to protect against that:
 - Mount C's filesystem on another machine and then create a backup of it.
 - Do not give C filesystem-level access to S.
 
+See :ref:`hosting_repositories` for a detailed protection guide.
+
 How can I protect against a hacked backup server?
 -------------------------------------------------