diff --git a/deployment/nginx-proxy-manager/.env b/deployment/nginx-proxy-manager/.env
index f20a0a1..129653f 100644
--- a/deployment/nginx-proxy-manager/.env
+++ b/deployment/nginx-proxy-manager/.env
@@ -6,10 +6,15 @@ APPSEC_CONFIG=./appsec-config
 APPSEC_DATA=./appsec-data
 APPSEC_LOGS=./appsec-logs
 APPSEC_LOCALCONFIG=./appsec-localconfig
-APPSEC_AUTO_POLICY_LOAD=false
+
+## Make sure the parameter APPSEC_AUTO_POLICY_LOAD is set to true for changes
+## of open-appsec configuration in the NGINX Proxy Manager WebUI to be applied automatically
+APPSEC_AUTO_POLICY_LOAD=true
+
 ## Example for configuring HTTPS Proxy:
 ## APPSEC_HTTPS_PROXY=user:password@proxy_address:port
 APPSEC_HTTPS_PROXY=
+
 APPSEC_SMART_SYNC_STORAGE=./appsec-smartsync-storage
 APPSEC_USER_EMAIL=user@email.com
 APPSEC_DB_PASSWORD=pass
@@ -21,11 +26,23 @@ APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
 NPM_DATA=./data
 NPM_LETSENCRYPT=./letsencrypt
 
-## To connect your deployment to central WebUI you can uncomment following line
-## and provide the token for a profile which you created in open-appsec WebUI at https://my.openappsec.io
+## To connect your deployment to central open-appsec WebUI provide the token for a profile
+## which you created in open-appsec WebUI at https://my.openappsec.io
 ## Example: APPSEC_AGENT_TOKEN=111-22222-111
 APPSEC_AGENT_TOKEN=
 
-## When not providing token for connection to central WebUI please uncomment following line
-## which will enable sharing of learning between processes and allow you to perform tuning locally on CLI
-# COMPOSE_PROFILES=standalone
+## Important: When not providing token for connection to central WebUI:
+## Make sure to add the value "standalone" to the COMPOSE_PROFILES value, this will enable
+## sharing of learning between processes and allow you to perform tuning locally on CLI
+COMPOSE_PROFILES=
+
+## JUICE SHOP DEMO CONTAINER:
+## In order to deploy the optional, additional, vulnerable juiceshop container (for demo and testing purposes only!):
+## Add the value "juiceshop" to the COMPOSE_PROFILES value above.
+
+## Make sure to also create a new proxy host in the NGINX Proxy Manager WebUI 
+## which accepts traffic on http port 80 and proxies traffic to juiceshop-backend on port 3000.
+## note that juiceshop container listens on HTTP port 3000 by default
+
+## Note that COMPOSE_PROFILES can also receive multiple values, e.g. as shown here:
+## COMPOSE_PROFILES=standalone,juiceshop