diff --git a/CHANGELOG.md b/CHANGELOG.md
index 157b51b..1c67d3b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
+## 2024-08-27
+### Added
+- Add loud warning to `bin/doctor` when not using Sandboxed Compiles/`SIBLING_CONTAINERS_ENABLED=true`
+- Refuse to start Community Edition with `SIBLING_CONTAINERS_ENABLED=true`
+
 ## 2024-08-27
 ### Added
 - Surface `MONGO_VERSION` from `bin/doctor`
diff --git a/bin/docker-compose b/bin/docker-compose
index 01a31dc..48d01a3 100755
--- a/bin/docker-compose
+++ b/bin/docker-compose
@@ -28,8 +28,17 @@ function build_environment() {
 if [[ $MONGO_ENABLED == "true" ]]; then
 set_mongo_vars
 fi
- if [[ $SERVER_PRO == "true" && "$SIBLING_CONTAINERS_ENABLED" == "true" ]]; then
- set_sibling_containers_vars
+ if [[ "$SIBLING_CONTAINERS_ENABLED" == "true" ]]; then
+ if [[ $SERVER_PRO == "true" ]]; then
+ set_sibling_containers_vars
+ else
+ echo "ERROR: SIBLING_CONTAINERS_ENABLED=true is not supported in Overleaf Community Edition." >&2
+ echo " Sibling containers are not available in Community Edition, which is intended for use in environments where all users are trusted. Community Edition is not appropriate for scenarios where isolation of users is required." >&2
+ echo " When not using Sibling containers, users have full read and write access to the 'sharelatex' container resources (filesystem, network, environment variables) when running LaTeX compiles." >&2
+ echo " Sibling containers are offered as part of our Server Pro offering and you can read more about the differences at https://www.overleaf.com/for/enterprises/features." >&2
+ echo " Set SIBLING_CONTAINERS_ENABLED=false in config/overleaf.rc to continue using insecure in-container compiles." >&2
+ exit 1
+ fi
 fi
 if [[ $NGINX_ENABLED == "true" ]]; then
 set_nginx_vars
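Review bot: The refusal added to build_environment in bin/docker-compose only triggers on the exact string `true`, so any other spelling in config/overleaf.rc (a constructed example: `TRUE`) skips both branches and the instance starts with in-container compiles without any message from this script. Since the change is meant to make the unsandboxed mode an explicit choice, unrecognised values should be rejected before this block, e.g. `[[ "$SIBLING_CONTAINERS_ENABLED" =~ ^(true|false)$ ]] || { echo "ERROR: SIBLING_CONTAINERS_ENABLED must be 'true' or 'false'" >&2; exit 1; }`, unless the config loader (not visible here) already validates it. This matters most for Server Pro, where a mistyped value would leave compiles running inside the 'sharelatex' container while the operator believes sandboxing is on. The function body continues outside the hunk.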
@@ -112,7 +121,7 @@ function set_redis_vars() {
 if [[ -z "${REDIS_AOF_PERSISTENCE:-}" ]]; then
 echo "WARNING: the value of REDIS_AOF_PERSISTENCE is not set in config/overleaf.rc"
- echo "See https://github.com/overleaf/overleaf/wiki/Release-Notes-5.x.x#redis-aof-persistence-enabled-by-default"
+ echo " See https://github.com/overleaf/overleaf/wiki/Release-Notes-5.x.x#redis-aof-persistence-enabled-by-default"
 REDIS_COMMAND="redis-server"
 elif [[ $REDIS_AOF_PERSISTENCE == "true" ]]; then
 REDIS_COMMAND="redis-server --appendonly yes"
diff --git a/bin/doctor b/bin/doctor
index b5ea008..e255035 100755
--- a/bin/doctor
+++ b/bin/doctor
@@ -212,6 +212,10 @@ function check_config_files() {
 fi
 print_point 2 "SERVER_PRO: $SERVER_PRO"
+ print_point 2 "SIBLING_CONTAINERS_ENABLED: $SIBLING_CONTAINERS_ENABLED"
+ if [[ "${SIBLING_CONTAINERS_ENABLED:-null}" != "true" ]]; then
+ add_warning "Detected SIBLING_CONTAINERS_ENABLED=false. When not using Sibling containers, users have full read and write access to the 'sharelatex' container resources (filesystem, network, environment variables) when running LaTeX compiles. Only use this mode in environments where all users are trusted and no isolation of users is required."
+ fi
 if [[ "${SERVER_PRO:-null}" == "true" ]]; then
 local logged_in
 logged_in="$(grep -q quay.io ~/.docker/config.json && echo 'true' || echo 'false')"
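Review bot: The warning added to check_config_files in bin/doctor always reads `Detected SIBLING_CONTAINERS_ENABLED=false`, but the condition `!= "true"` also matches an unset variable and any other value, so the report can state a setting the operator never wrote. Printing the real value makes a typo visible: `add_warning "Detected SIBLING_CONTAINERS_ENABLED=${SIBLING_CONTAINERS_ENABLED:-<unset>}. When not using Sibling containers, ..."` with the rest of the text unchanged. The `print_point` line just above expands `$SIBLING_CONTAINERS_ENABLED` without a default while the test uses `:-null`; if the script runs under `set -u` (not visible in this hunk) the unset case would stop there, so the same defaulted form is worth using on both lines. check_config_files starts and ends outside the hunk.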
@@ -226,7 +230,8 @@ function check_config_files() {
 )
 add_warning "${warning_message[@]}"
 fi
- print_point 2 "SIBLING_CONTAINERS_ENABLED: $SIBLING_CONTAINERS_ENABLED"
+ elif [[ "${SIBLING_CONTAINERS_ENABLED:-null}" == "true" ]]; then
+ add_warning "Sibling containers are not available in Community Edition, which is intended for use in environments where all users are trusted. Community Edition is not appropriate for scenarios where isolation of users is required. Sibling containers are offered as part of our Server Pro offering and you can read more about the differences at https://www.overleaf.com/for/enterprises/features. Set SIBLING_CONTAINERS_ENABLED=false in config/overleaf.rc to continue using insecure in-container compiles."
 fi
 if [[ "${OVERLEAF_LISTEN_IP:-null}" != "null" ]]; then
 print_point 2 "OVERLEAF_LISTEN_IP: ${OVERLEAF_LISTEN_IP}"
diff --git a/doc/sandboxed-compiles.md b/doc/sandboxed-compiles.md
index 51bcd76..e7b1f6c 100644
--- a/doc/sandboxed-compiles.md
+++ b/doc/sandboxed-compiles.md
@@ -1,6 +1,12 @@
 # Sandboxed Compiles
-In Server Pro, it is possible to have each LaTeX project be compiled in a separate docker container, achieving sandbox isolation between projects.
+In Server Pro, it is possible to have each LaTeX project be compiled in a separate docker container, achieving sandbox isolation between projects.
+
+This feature is also known as "Sibling containers" as LaTeX compiles are running in a sibling container next to the Server Pro docker container.
+
+When not using Sandboxed Compiles, users have full read and write access to the `sharelatex` container resources (filesystem, network, environment variables) when running LaTeX compiles.
+
+Note: Sibling containers are not available in Community Edition, which is intended for use in environments where all users are trusted. Community Edition is not appropriate for scenarios where isolation of users is required.
 ## How It Works
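Review bot: In the second bin/doctor hunk (the new `elif` branch of check_config_files), the Community Edition case is reported through `add_warning`, although bin/docker-compose now exits with an error for the same configuration; the text should say the instance will not start, e.g. open it with `bin/docker-compose will refuse to start with SIBLING_CONTAINERS_ENABLED=true in Community Edition.`. The message is also a second copy of the paragraph echoed in bin/docker-compose, so the two can drift apart. It is passed as one long string, whereas the Server Pro branch just above builds a `warning_message` array and passes `"${warning_message[@]}"`; using the array form here, and for the warning added in the first bin/doctor hunk, would keep the doctor output consistent. The enclosing function extends beyond the hunk.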