diff --git a/_config.yml b/_config.yml index 79d7564c7f0..57167c06439 100644 --- a/_config.yml +++ b/_config.yml @@ -101,8 +101,8 @@ social: # Home Assistant release details current_major_version: 0 current_minor_version: 98 -current_patch_version: 3 -date_released: 2019-09-04 +current_patch_version: 5 +date_released: 2019-09-07 # Either # or the anchor link to latest release notes in the blog post. # Must be prefixed with a # and have double quotes around it. diff --git a/source/_components/cover.template.markdown b/source/_components/cover.template.markdown index 951e750544a..6d130751268 100644 --- a/source/_components/cover.template.markdown +++ b/source/_components/cover.template.markdown @@ -109,10 +109,10 @@ Template Cover may get an `unknown` state during startup. This results in error messages in your log file until that platform has completed loading. If you use `is_state()` function in your template, you can avoid this situation. For example, you would replace -{% raw %}`{{ is_state('switch.source', 'on') }}`{% endraw %} +{% raw %}`{{ states.cover.source.state == 'open' }}`{% endraw %} with this equivalent that returns `true`/`false` and never gives an unknown result: -{% raw %}`{{ is_state('switch.source', 'on') }}`{% endraw %} +{% raw %}`{{ is_state('cover.source', 'open') }}`{% endraw %} ## Optimistic Mode diff --git a/source/_components/discord.markdown b/source/_components/discord.markdown index 316a813675e..c7f146bfde4 100644 --- a/source/_components/discord.markdown +++ b/source/_components/discord.markdown @@ -74,7 +74,9 @@ This channel ID has to be used as the target when calling the notification servi message: "A message from Home Assistant" target: ["1234567890", "0987654321"] data: - images: "/tmp/garage_cam" + images: + - "/tmp/garage_cam" + - "/tmp/garage.jpg" ``` ### Notes diff --git a/source/_components/homematicip_cloud.markdown b/source/_components/homematicip_cloud.markdown index 5e7a0f81359..19124cec67d 100644 
--- a/source/_components/homematicip_cloud.markdown +++ b/source/_components/homematicip_cloud.markdown @@ -51,7 +51,7 @@ The authentification token will be generated and stored internally. Generate the authentication token: -`generate_auth_token.py` +`hmip_generate_auth_token.py` Add the information to your `configuration.yaml` file: diff --git a/source/_components/iss.markdown b/source/_components/iss.markdown index ca17b3ee159..8297df45346 100644 --- a/source/_components/iss.markdown +++ b/source/_components/iss.markdown @@ -61,6 +61,6 @@ camera: - platform: generic name: ISS still_image_url: http://staticmap.openstreetmap.de/staticmap.php?center={{ state_attr('binary_sensor.iss', 'lat') }},{{ state_attr('binary_sensor.iss', 'long') }}&zoom=4&size=865x512&maptype=mapnik&markers={{ state_attr('binary_sensor.iss', 'lat') }},{{ state_attr('binary_sensor.iss', 'long') }},lightblue - limit_refetch_to_url_change: true + limit_refetch_to_url_change: true ``` {% endraw %} diff --git a/source/_components/meteoalarm.markdown b/source/_components/meteoalarm.markdown index cab49e20b11..4ccac08c28d 100644 --- a/source/_components/meteoalarm.markdown +++ b/source/_components/meteoalarm.markdown @@ -29,7 +29,7 @@ name: default: meteoalarm type: string country: - description: The 2 digits of your country + description: The 2 letters of your country required: true type: string province: 
@@ -37,7 +37,7 @@ province: required: true type: string language: - description: "The 4 digits our your language, please be aware that this is only possible in the current country. So 'ne' is only possible in Netherlands. Possible options is: bu, bs, ce, da, de, ee, en, es, ga, ca, su, fr, gr, he, hr, ma, is, it, li, la, sr, mk, ma, ne, no, po, ro, cp, sv, sl, eu." + description: "The 2 letters of your language, please be aware that this is only possible in the current country. So 'ne' is only possible in Netherlands. Possible options are: bu, bs, ce, da, de, ee, en, es, ga, ca, su, fr, gr, he, hr, ma, is, it, li, la, sr, mk, ma, ne, no, po, ro, cp, sv, sl, eu." required: false type: string default: 'en' diff --git a/source/_components/statistics.markdown b/source/_components/statistics.markdown index 9169823913e..46cb802cb1c 100644 --- a/source/_components/statistics.markdown +++ b/source/_components/statistics.markdown 
@@ -11,7 +11,7 @@ redirect_from: - /components/sensor.statistics/ --- -The `statistics` sensor platform consumes the state from other sensors. It exports the `mean` value as state and the following values as attributes: `count`, `mean`, `median`, `stdev`, `variance`, `total`, `min`, `max`, `min_age`, `max_age`, `change`, `average_change` and `change_rate`. If it's a binary sensor then only state changes are counted. +The `statistics` sensor platform consumes the state from other sensors. It exports the `mean` value as state and the following values as attributes: `count`, `mean`, `median`, `stdev`, `variance`, `total`, `min_value`, `max_value`, `min_age`, `max_age`, `change`, `average_change` and `change_rate`. If it's a binary sensor then only state changes are counted. If you are running the [recorder](/components/recorder/) component, on startup the data is read from the database. So after a restart of the platform, you will immediately have data available. If you're using the [history](/components/history/) component, this will automatically also start the `recorder` integration on startup. If you are *not* running the `recorder` component, it can take time till the sensor starts to work because a couple of attributes need more than one value to do the calculation. diff --git a/source/_components/switch.modbus.markdown b/source/_components/switch.modbus.markdown index c4714555baa..f27377d70e7 100644 --- a/source/_components/switch.modbus.markdown +++ b/source/_components/switch.modbus.markdown @@ -18,7 +18,6 @@ To use your Modbus switches in your installation, add the following to your `con # Example configuration.yaml entry switch: platform: modbus - slave: 1 coils: - name: Switch1 hub: hub1 
@@ -115,3 +114,24 @@ register: default: same as command_off type: integer {% endconfiguration %} + +It's possible to change the default 30 seconds scan interval for the switch state updates as shown in the [Platform options](/docs/configuration/platform_options/#scan-interval) documentation. + +### Full example + +Example a temperature sensor with a 10 seconds scan interval: + +```yaml +switch: + platform: modbus + scan_interval: 10 + coils: + - name: Switch1 + hub: hub1 + slave: 1 + coil: 13 + - name: Switch2 + hub: hub1 + slave: 2 + coil: 14 +``` diff --git a/source/_components/template.markdown b/source/_components/template.markdown index 17367c9e03a..ddf52b963b8 100644 --- a/source/_components/template.markdown +++ b/source/_components/template.markdown @@ -299,7 +299,7 @@ sensor: - platform: template sensors: nonsmoker: - value_template: '{{ (( as_timestamp(now()) - as_timestamp(strptime("06.07.2018", "%d.%m.%Y")) ) / 86400 ) | round(2) }}' + value_template: "{{ (( as_timestamp(now()) - as_timestamp(strptime('06.07.2018', '%d.%m.%Y')) ) / 86400 ) | round(2) }}" entity_id: sensor.date friendly_name: 'Not smoking' unit_of_measurement: "Days" @@ -316,7 +316,7 @@ sensor: - platform: template sensors: nonsmoker: - value_template: '{{ (( as_timestamp(now()) - as_timestamp(strptime("06.07.2018", "%d.%m.%Y")) ) / 86400 ) | round(2) }}' + value_template: "{{ (( as_timestamp(now()) - as_timestamp(strptime('06.07.2018', '%d.%m.%Y')) ) / 86400 ) | round(2) }}" entity_id: [] friendly_name: 'Not smoking' unit_of_measurement: "Days" diff --git a/source/_docs/configuration/securing.markdown b/source/_docs/configuration/securing.markdown index 267053a1c95..34391126d78 100644 --- a/source/_docs/configuration/securing.markdown +++ b/source/_docs/configuration/securing.markdown 
@@ -13,12 +13,11 @@ Here's the summary of what you *must* do to secure your Home Assistant system: - Configure [secrets](/docs/configuration/secrets/) (but do remember to back them up) - Regularly keep the system up to date -If you only want to use integrations supported by [Home Assistant cloud](/cloud/) then you don't need to enable remote access. This is obviously the most secure option, but does mean that you're relying on a cloud service for that functionality. +## Remote Access -- For remote access to the UI, use a [VPN](http://www.pivpn.io/), [Tor](/docs/ecosystem/tor/) or an [SSH tunnel](/blog/2017/11/02/secure-shell-tunnel/) -- For remote access for components, use a [TLS/SSL](/docs/ecosystem/certificates/lets_encrypt/) certificate +If you want secure remote access, the easiest option is to use [Home Assistant cloud](/cloud/). Other options are to use [TLS/SSL](/docs/ecosystem/certificates/lets_encrypt/) to expose your instance to the internet, use a [VPN](http://www.pivpn.io/), [Tor](/docs/ecosystem/tor/) or an [SSH tunnel](/blog/2017/11/02/secure-shell-tunnel/). -### You should +### Extras for manual installations As well as the above we advise that you consider the following to improve security: @@ -26,29 +25,3 @@ As well as the above we advise that you consider the following to improve securi - Lock down the host following good practice guidance, for example: * [Securing Debian Manual](https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html) (this also applies to Raspbian) * [Red Hat Enterprise Linux 7 Security Guide](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf/Security_Guide/Red_Hat_Enterprise_Linux-7-Security_Guide-en-US.pdf), [CIS Red Hat Enterprise Linux 7 Benchmark](https://benchmarks.cisecurity.org/tools2/linux/CIS_Red_Hat_Enterprise_Linux_7_Benchmark_v1.0.0.pdf) - -
- - If you've forwarded *any* ports to your Home Assistant system from the Internet, then it *will* be found by others. Whether through services like Shodan, or direct port scanning, all systems on the Internet are routinely probed for accessible services. If you fail to set a password then it is simply a matter of time before somebody finds your system and starts abusing it - potentially as little as a few hours. - -
- -### Remote access for just the UI - -If you only want remote access for access to the web UI then we advise that you follow the [Installation](/docs/installation/) section, then set up one of: - -- A VPN such as [PiVPN](http://www.pivpn.io/) or [ZeroTier](https://www.zerotier.com/), which will give you access to your whole home network -- [Tor](/docs/ecosystem/tor/), which also avoids the need for port forwarding -- An [SSH tunnel](/blog/2017/11/02/secure-shell-tunnel/) to connect to your frontend - -### Remote access for integrations - -For remote access for a component, for example, a device tracker, you have to enable access to the API by: - -1. Following the steps in [Installation](/docs/installation/), then -2. Forwarding a port and protect your communication with one of: - * A [TLS/SSL](/docs/ecosystem/certificates/lets_encrypt/) certificate (you can use one from Let's Encrypt, or any commercial SSL certificate vendor) - * A [self-signed certificate](/cookbook/tls_self_signed_certificate/) - be warned though, some services will refuse to work with self-signed certificates -3. Optionally use a proxy like [NGINX](/docs/ecosystem/nginx/), [Apache](/docs/ecosystem/apache/), [HAproxy](/docs/ecosystem/haproxy/) or another. These allow you to provide finer-grained access. You could use this to limit access to specific parts of the API (for example, only `/api/owntracks/`) -4. Enable IP Filtering and configure a low [Login Attempts Threshold](/components/http/) -5. If you use a proxy then install [fail2ban](https://www.fail2ban.org/wiki/index.php/Main_Page) to [monitor your proxy logs](/cookbook/fail2ban/) (or Home Assistant logs) for failed authentication diff --git a/source/_docs/ecosystem/hass-configurator.markdown b/source/_docs/ecosystem/hass-configurator.markdown index c8f39f7b751..a212c861929 100644 --- a/source/_docs/ecosystem/hass-configurator.markdown +++ b/source/_docs/ecosystem/hass-configurator.markdown 
@@ -6,8 +6,8 @@ redirect_from: /ecosystem/hass-configurator/ ### Configuration UI for Home Assistant -Since there currently is no nice way to edit the yaml-files Home Assistant is using through the frontend, here is a small webapp that hopefully makes the configuration easier. It is a customized and embedded [Ace editor](https://ace.c9.io/), which has syntax highlighting for yaml, the format used for Home Assistants configuration files. There is an integrated file browser to select whatever file you want to edit. When you're done with editing the file, click the save-button and it will replace the original. -Essentially this is a browser-based alternative to modifying your configuration through SSH, Windows + SMB, Github etc.. +Since there is currently no nice way to edit the YAML files Home Assistant is using through the frontend, here is a small webapp that hopefully makes configuration easier. It is a customized and embedded [Ace editor](https://ace.c9.io/), which has syntax highlighting for YAML, the format used for Home Assistant's configuration files. There is also an integrated file browser to select whatever file you want to edit. When you're done editing the file, simply click the save button and your changes will be applied. +This is essentially a browser-based alternative to modifying your configuration through SSH, Windows + SMB, Github, etc.

@@ -16,10 +16,10 @@ Screenshot of the HASS Configurator. ### Feature list -- Web-Based editor to modify your files +- Web-based editor to modify your files - Upload and download files - Git integration -- Lists of available triggers, events, entities, conditions and services. Selected element gets inserted into the editor at the last cursor position. +- List of available triggers, events, entities, conditions and services. Selected element gets inserted into the editor at the last cursor position. - Check valid configuration and restart Home Assistant directly with the click of a button - SSL support - Optional authentication and IP filtering for additional security @@ -33,7 +33,7 @@ Consider running the configurator as a user with limited privileges to limit pos ### Installation (Linux, macOS) -There are no dependencies on Python modules that are not part of the standard library. And all the fancy JavaScript libraries are loaded from CDN (which means this doesn't work when you're offline). +There are no dependencies on Python modules that are not part of the standard library. All the fancy JavaScript libraries are loaded from CDN (which means this doesn't work when you're offline). - Copy [configurator.py](https://github.com/danielperna84/hass-configurator/blob/master/configurator.py) to your Home Assistant configuration directory (e.g `/home/homeassistant/.homeassistant`): `wget https://raw.githubusercontent.com/danielperna84/hass-configurator/master/configurator.py` - Make it executable: `sudo chmod 755 configurator.py` - (Optional) Set the `GIT` variable in configurator.py to `True` if [GitPython](https://gitpython.readthedocs.io/) is installed on your system. This is required if you want to make use of the Git integration. 
@@ -41,8 +41,8 @@ There are no dependencies on Python modules that are not part of the standard li - To terminate the process do the usual `CTRL+C`, maybe once or twice ### Configuration -Near the top of the `configurator.py`-file you will find some global variables you can change to customize the configurator. If you are unfamiliar with Python: when setting variables of the type _string_, you have to write that within quotation marks. The default settings are fine for just checking out the configurator quickly. With more customized setups you should change some settings though. -To keep your settings across updates it is also possible to save settings in an external file. In that case copy [settings.conf](https://github.com/danielperna84/hass-configurator/blob/master/settings.conf) wherever you like and append the full path to the file to the command when starting the configurator. e.g., `sudo .configurator.py /home/homeassistant/.homeassistant/mysettings.conf`. This file is in JSON format. So make sure it has a valid syntax (you can set the editor to JSON to get syntax highlighting for the settings). The major difference to the settings in the py-file is, that `None` becomes `null`. +Near the top of the `configurator.py` file you will find some global variables you can change to customize the configurator. When setting variables of the type _string_, the string must be within quotation marks. The default settings are fine for just checking out the configurator quickly. For more customized setups it might be advisable to change some settings. +To keep your settings across updates it is also possible to save settings in an external file. In that case copy [settings.conf](https://github.com/danielperna84/hass-configurator/blob/master/settings.conf) wherever you like and append the full path to the file to the command when starting the configurator. e.g., `sudo .configurator.py /home/homeassistant/.homeassistant/mysettings.conf`. 
This file is in JSON format, so make sure it has a valid syntax (you can set the editor to JSON to get syntax highlighting for the settings). The major difference to the settings in the .py file is that `None` becomes `null`. #### LISTENIP (string) The IP the service is listening on. By default it is binding to `0.0.0.0`, which is every interface on the system. 
@@ -70,20 +70,20 @@ Files and folders to ignore in the UI, e.g., `IGNORE_PATTERN = [".*", "*.log", " If set to `True`, directories will be displayed at the top of the filebrowser. #### GIT (bool) Set this variable to `True` to enable Git integration. This feature requires [GitPython](https://gitpython.readthedocs.io) - to be installed on the system that is running the configurator. For technical reasons this feature can not be enabled with the static settings file. + to be installed on the system that is running the configurator. For technical reasons this feature cannot be enabled with the static settings file. __Note regarding `ALLOWED_NETWORKS`, `BANNED_IPS` and `BANLIMIT`__: The way this is implemented works in the following order: 1. (Only if `CREDENTIALS` is set) Check credentials - - Failure: Retry `BANLIMIT` times, after that return error 420 (unless you try again without any authentication headers set, e.g., private tab of your browser) + - Failure: Retry `BANLIMIT` times, after that return error 420 (unless you try again without any authentication headers set, such as in a private tab of your browser) - Success: Continue 2. Check if client IP address is in `BANNED_IPS` - Yes: Return error 420 - No: Continue 3. Check if client IP address is in `ALLOWED_NETWORKS` - - No: Return error 420 - Yes: Continue and display UI of configurator + - No: Return error 420 ### Embedding into Home Assistant Home Assistant has the [panel_iframe](/components/panel_iframe/) component. With this it is possible to embed the configurator directly into Home Assistant, allowing you to modify your configuration through the Home Assistant frontend. @@ -98,11 +98,11 @@ panel_iframe: ```

-Be careful when setting up port forwarding to the configurator while embedding it into Home Assistant. If you don't restrict access by requiring authentication and / or blocking based on client IP addresses, your configuration will be exposed to the internet! +Be careful when setting up port forwarding to the configurator while embedding it into Home Assistant. If you don't restrict access by requiring authentication and/or blocking based on client IP addresses, your configuration will be exposed to the Internet!
### Daemonizing / Keeping the configurator running -Since the configurator script on its own is no service, you will have to take some extra steps to keep it running. Here are five options (for Linux), but there are more, depending on your usecase. +Since the configurator script on its own is not a service, you will have to take some extra steps to keep it running. Here are five options (for Linux), but there are more depending on your usecase. 1. Fork the process into the background with the command: `nohup sudo ./configurator.py &` diff --git a/source/_includes/site/footer.html b/source/_includes/site/footer.html index 697c6cdf3e9..2f2328a9569 100644 --- a/source/_includes/site/footer.html +++ b/source/_includes/site/footer.html @@ -19,6 +19,7 @@
  • Developers
  • Data Science
  • Contact (no support!)
  • +
  • Security Vulnerabilities
  • Privacy
  • System Status
  • diff --git a/source/_posts/2019-08-28-release-98.markdown b/source/_posts/2019-08-28-release-98.markdown index fc279a33460..f1e72510242 100644 --- a/source/_posts/2019-08-28-release-98.markdown +++ b/source/_posts/2019-08-28-release-98.markdown @@ -193,6 +193,16 @@ Screencap of the batcave video. [version docs]: https://www.home-assistant.io/components/version/ [websocket_api docs]: https://www.home-assistant.io/components/websocket_api/ +## Release 0.98.4 - September 4 + + - Fix Tuya switches ([@balloob]) + +## Release 0.98.5 - September 6 + +We have been notified by Gregor Godbersen that our markdown renderer was vulnerable for an XSS attack if exposed to specially crafted markdown. This was introduced in the Home Assistant 0.98 release. We have verified that Home Assistant 0.98.0 does not render unsafe markdown, yet still wanted to make sure to issue an update as soon as possible. + +More information in this [frontend pull request](https://github.com/home-assistant/home-assistant-polymer/pull/3640). + ## If you need help... ...don't hesitate to use our very active [forums](https://community.home-assistant.io/) or join us for a little [chat](https://discord.gg/c5DvZ4e). diff --git a/source/security/index.markdown b/source/security/index.markdown new file mode 100644 index 00000000000..4b54dd0c0be --- /dev/null +++ b/source/security/index.markdown @@ -0,0 +1,10 @@ +--- +title: "Security" +description: "Information about disclosing security vulnerabilities in Home Assistant." +--- + +If you think that you have found a security vulnerability in Home Assistant, please disclose it to us via our security e-mail address at [security@home-assistant.io](mailto://security@home-assistant.io). + +Please do not make vulnerabilities public without notifying us and giving us at least 3 days to respond. + +If you are going to write about Home Assistant's security, please get in touch, so we can make sure that all claims are correct.
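Review bot: In source/_components/meteoalarm.markdown, the reworded `language` description still lists `ma` twice in the options ("he, hr, ma, is" and "mk, ma, ne"), so one of the two looks like a typo or a leftover duplicate. Since this line is being rewritten anyway, confirm the list against the values the integration accepts. The clause "this is only possible in the current country" is also hard to parse and would benefit from rewording.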
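Review bot: In source/_components/switch.modbus.markdown, the lead-in added under "### Full example" reads "Example a temperature sensor with a 10 seconds scan interval:", but the YAML that follows configures two switch coils, not a temperature sensor. Suggest "Example of two switches with a 10 second scan interval:". The first hunk of the same file removes the top-level `slave: 1` from the basic example; check that its coil entry still carries its own `slave:` key, as the entries in the full example do.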
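Review bot: In source/_docs/configuration/securing.markdown, the new "## Remote Access" paragraph offers TLS/SSL "to expose your instance to the internet" as an option, while the same hunk deletes all of the hardening advice that used to accompany port forwarding: the warning that a forwarded port will be found and probed, IP filtering with a low Login Attempts Threshold, a proxy to limit access to specific parts of the API, and fail2ban for failed authentication. TLS only protects the transport, so please keep at least a one-sentence pointer to the login attempts threshold and fail2ban pages next to the TLS/SSL option. Separately, "### Extras for manual installations" now nests under "## Remote Access" although its content is host hardening; it would read better as its own "##" section.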
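Review bot: In source/_docs/ecosystem/hass-configurator.markdown, the rewritten Configuration paragraph (hunk at -41,8) keeps the command `sudo .configurator.py /home/homeassistant/.homeassistant/mysettings.conf`, which is missing the slash; it should be `./configurator.py`, matching the `nohup sudo ./configurator.py &` line further down. The page itself advises running the configurator as a user with limited privileges, so consider dropping `sudo` from this example while the line is being edited.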
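Review bot: In source/_posts/2019-08-28-release-98.markdown, the new heading says "Release 0.98.5 - September 6" while `_config.yml` in this same patch sets `date_released: 2019-09-07`; one of the two dates needs correcting. The advisory text is also ambiguous about affected versions: it says the XSS issue "was introduced in the Home Assistant 0.98 release" and then that "Home Assistant 0.98.0 does not render unsafe markdown". Please state which versions are affected and that 0.98.5 carries the fix, and change "vulnerable for" to "vulnerable to".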
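Review bot: In the new source/security/index.markdown, the link target `mailto://security@home-assistant.io` is not a well-formed mailto URI; the scheme takes no slashes, so it should be `mailto:security@home-assistant.io`. With the slashes some mail clients will put a malformed address in the recipient field, which is a poor failure mode for a vulnerability-reporting contact. The page also asks for "at least 3 days to respond" without saying what a reporter can expect after that; a sentence on the follow-up process would help.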