diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index 10e9f45..cf1ae34 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 @@ -653,6 +653,21 @@ change it with the setting .BR xferlog_file . Default: NO +.TP +.B isolate_network +If enabled, use CLONE_NEWNET to isolate the untrusted processes so that +they can't do arbitrary connect() and instead have to ask the privileged +process for sockets ( +.BR port_promiscuous +have to be disabled). + +Default: YES +.TP +.B isolate +If enabled, use CLONE_NEWPID and CLONE_NEWIPC to isolate processes to their +ipc and pid namespaces. So separated processes can not interact with each other. + +Default: YES .SH NUMERIC OPTIONS Below is a list of numeric options. A numeric option must be set to a non @@ -750,8 +765,9 @@ Default: 077 .B max_clients If vsftpd is in standalone mode, this is the maximum number of clients which may be connected. Any additional clients connecting will get an error message. +The value 0 switches off the limit. -Default: 0 (unlimited) +Default: 2000 .TP .B max_login_fails After this many login failures, the session is killed. @@ -761,9 +777,9 @@ Default: 3 .B max_per_ip If vsftpd is in standalone mode, this is the maximum number of clients which may be connected from the same source internet address. A client will get an -error message if they go over this limit. +error message if they go over this limit. The value 0 switches off the limit. -Default: 0 (unlimited) +Default: 50 .TP .B pasv_max_port The maximum port to allocate for PASV style data connections. Can be used to
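Review bot: In the first hunk, the isolate_network entry's parenthetical "port_promiscuous have to be disabled" does not say what happens when both options are enabled, and the verb should be "has". State whether vsftpd refuses to start, ignores one of the two settings, or drops the isolation. Putting the opening "(" on its own text line before the .BR macro also makes roff render a space after the parenthesis, so the macro line should carry it instead. The isolate entry has the same documentation gap for kernels without CLONE_NEWPID or CLONE_NEWIPC support: with "Default: YES" the page should say whether startup fails or isolation is skipped. Its last sentence, "So separated processes can not interact with each other.", is a fragment and reads better joined to the sentence before it.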
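Review bot: The max_clients hunk changes the documented default from "0 (unlimited)" to 2000, but this diff touches only vsftpd.conf.5, so nothing visible here shows the compiled-in default changing with it. Please confirm the code default is updated in the same series, otherwise the man page will describe a limit that is not enforced. Since standalone installations that relied on the unlimited default will now start rejecting clients at 2000, the entry or the changelog should call this out as a behaviour change. The added sentence "The value 0 switches off the limit." is good and should stay.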
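Review bot: In the max_per_ip hunk, the new "Default: 50" is counted per source address, and the entry does not mention that clients sharing one address (behind NAT or a proxy) are counted together against that limit. A sentence to that effect next to "The value 0 switches off the limit." would help administrators choose a value when the server sits behind such a front end. As with max_clients, the documented default moves away from "0 (unlimited)" while only the man page is in this diff, so the matching code default should be part of the same change.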