diff --git a/config_example/config.py b/config_example/config.py
new file mode 100644
index 0000000..8c1b76f
--- /dev/null
+++ b/config_example/config.py
@@ -0,0 +1,15 @@
+import os
+
+BASE_DIR = os.path.dirname(os.path.abspath(__file__))
+
+#
+# General settings
+#
+# SECRET_KEY = 'define a secret key'
+#
+# ALLOWED_HOSTS = []
+
+#
+# Style settings
+#
+# DEFAULT_THEME = 'clear-red'
diff --git a/main/settings.py b/main/settings.py
index f5188e7..acbfd29 100644
--- a/main/settings.py
+++ b/main/settings.py
@@ -10,13 +10,10 @@ For the full list of settings and their values, see
 https://docs.djangoproject.com/en/2.2/ref/settings/
 """
 
-try:
-    from config import config
-    # required keys: SECRET_KEY
-    # optional keys: ALLOWED_HOSTS, DEFAULT_THEME
-except ImportError:
-    config = {}
+import config
 import os
+import stat
+import sys
 import random
 
 
@@ -24,25 +21,46 @@ import random
 #
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
+# Check permission of config.py
+#
+if sys.platform == 'linux' or sys.platform == 'linux2':
+    st = os.stat(os.path.join(BASE_DIR, 'config.py'))
+    if st.st_mode & stat.S_IRGRP or st.st_mode & stat.S_IROTH:
+        raise PermissionError("conig.py is readable by group or others.")
+
+# Default values, if not defined in config.py
+#
+USER_CONFIG_DEFAULTS = {
+    'SECRET_KEY': None,
+    'DEFAULT_THEME': 'clear-green',
+    'ALLOWED_HOSTS': [],
+}
+
+# Set configuration parameters
+#
+thismodule = sys.modules[__name__]
+for property_name in USER_CONFIG_DEFAULTS:
+    try:
+        value = getattr(config, property_name)
+    except AttributeError:
+        value = USER_CONFIG_DEFAULTS[property_name]
+    setattr(thismodule, property_name, value)
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
 #
-try:
-    SECRET_KEY = config['SECRET_KEY']
-except KeyError:
+if SECRET_KEY is None:
     chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
     s_key = ''.join([random.choice(chars) for n in range(50)])
     secret_key_warning = "You need to create a config.py file including a variable config which is a dict  with at least a SECRET_KEY definition (e.g.: %s)." % repr(s_key)
     raise KeyError(secret_key_warning)
+
 # SECURITY WARNING: don't run with debug turned on in production!
 #
 DEBUG = False
 
-ALLOWED_HOSTS = config.get('ALLOWED_HOSTS', [])
-
 
 # Application definition
 #
@@ -124,6 +142,7 @@ AUTH_PASSWORD_VALIDATORS = [
     },
 ]
 
+
 # Search Engine
 #
 WHOOSH_PATH = os.path.join(BASE_DIR, 'data', 'whoosh_index')
@@ -241,7 +260,3 @@ File "%(pathname)s", line %(lineno)d, in %(funcName)s
 # Other Configuration issues
 #
 LOGIN_URL = 'users-login'
-
-# App Configuration
-#
-DEFAULT_THEME = config.get('DEFAULT_THEME', 'clear-green')