diff --git a/gpg-mailgate-web/public_html/config.default.php b/gpg-mailgate-web/public_html/config.default.php
new file mode 100644
index 0000000..4176782
--- /dev/null
+++ b/gpg-mailgate-web/public_html/config.default.php
@@ -0,0 +1,53 @@
+.
+
+*/
+
+/*
+DO NOT EDIT THIS FILE!
+Instead, copy over "config.sample.php" to "config.php" and edit settings there.
+*/
+
+$config = array();
+$config['email_web'] = 'admin@example.com';
+$config['email_from'] = 'gpg-mailgate-web@example.com';
+$config['email_subject_requestpgp'] = 'Confirm your email address';
+$config['site_url'] = 'http://example.com/gpgmw';
+$config['site_title'] = 'PGP key management';
+$config['debug'] = false;
+$config['mail_smtp'] = false;
+$config['mail_smtp_host'] = 'localhost';
+$config['mail_smtp_port'] = 25;
+$config['mail_smtp_username'] = 'gpgmw';
+$config['mail_smtp_password'] = '';
+$config['db_name'] = 'gpgmw';
+$config['db_host'] = 'localhost';
+$config['db_username'] = 'gpgmw';
+$config['db_password'] = '';
+$config['pgpverify_enable'] = false;
+$config['pgpverify_tmpdir'] = '/tmp';
+$config['pgpverify_allowblank'] = true;
+$config['lock_time_initial'] = array('requestpgp' => 10);
+$config['lock_count_overload'] = array('requestpgp' => 3);
+$config['lock_time_overload'] = array('requestpgp' => 900);
+$config['lock_time_reset'] = 300;
+$config['lock_time_max'] = 3600;
+
+?>
diff --git a/gpg-mailgate-web/public_html/config.sample.php b/gpg-mailgate-web/public_html/config.sample.php
index 085e3bc..694e55e 100644
--- a/gpg-mailgate-web/public_html/config.sample.php
+++ b/gpg-mailgate-web/public_html/config.sample.php
@@ -20,8 +20,6 @@
*/
-$config = array();
-
//
// GENERAL SITE SETTINGS
//
diff --git a/gpg-mailgate-web/public_html/confirm.php b/gpg-mailgate-web/public_html/confirm.php
index 7d1262a..acd0ff5 100644
--- a/gpg-mailgate-web/public_html/confirm.php
+++ b/gpg-mailgate-web/public_html/confirm.php
@@ -20,7 +20,7 @@
*/
-require_once("config.php");
+require_once("include/config.php");
require_once("include/common.php");
require_once("include/dbconnect.php");
require_once("include/pgp.php");
diff --git a/gpg-mailgate-web/public_html/include/config.php b/gpg-mailgate-web/public_html/include/config.php
new file mode 100644
index 0000000..acde29b
--- /dev/null
+++ b/gpg-mailgate-web/public_html/include/config.php
@@ -0,0 +1,31 @@
+.
+
+*/
+
+require_once(dirname(__FILE__) . '/../config.default.php');
+
+if(file_exists(dirname(__FILE__) . '/../config.php')) {
+ require_once(dirname(__FILE__) . '/../config.php');
+} else {
+ die("Server configuration error: config.php does not exist.");
+}
+
+?>
diff --git a/gpg-mailgate-web/public_html/index.php b/gpg-mailgate-web/public_html/index.php
index ce3176d..943c990 100644
--- a/gpg-mailgate-web/public_html/index.php
+++ b/gpg-mailgate-web/public_html/index.php
@@ -20,7 +20,7 @@
*/
-require_once("config.php");
+require_once("include/config.php");
require_once("include/common.php");
require_once("include/dbconnect.php");
require_once("include/pgp.php");