diff --git a/internal/conf/conf.go b/internal/conf/conf.go
index f7a6f88666f..61d2b3fef71 100644
--- a/internal/conf/conf.go
+++ b/internal/conf/conf.go
@@ -350,6 +350,7 @@ func Init(customConf string) error {
 	LFS.ObjectsPath = ensureAbs(LFS.ObjectsPath)
 
 	handleDeprecated()
+	warnDeprecated(File)
 
 	if err = File.Section("cache").MapTo(&Cache); err != nil {
 		return errors.Wrap(err, "mapping [cache] section")
diff --git a/internal/conf/static.go b/internal/conf/static.go
index 016fd139cb8..4cdb9173fff 100644
--- a/internal/conf/static.go
+++ b/internal/conf/static.go
@@ -5,11 +5,15 @@
 package conf
 
 import (
+	"fmt"
 	"net/url"
 	"os"
 	"time"
 
 	"github.com/gogs/go-libravatar"
+	"gogs.io/gogs/conf"
+	"gopkg.in/ini.v1"
+	log "unknwon.dev/clog/v2"
 )
 
 // ℹ️ README: This file contains static values that should only be set at initialization time.
@@ -433,6 +437,85 @@ func handleDeprecated() {
 	// }
 }
 
+// warnDeprecated warns about deprecated configuration sections and options.
+// NOTE: Delete this function after 0.14.0 is released
+func warnDeprecated(currentConfig *ini.File) []string {
+	// Deprecated sections and options
+	deprecatedSections := map[string]string{
+		"mailer":  "email",
+		"service": "auth",
+	}
+
+	type sectionOptionPair struct {
+		section string
+		option  string
+	}
+
+	deprecatedOptions := map[sectionOptionPair]sectionOptionPair{
+		{"security", "REVERSE_PROXY_AUTHENTICATION_USER"}: {"auth", "REVERSE_PROXY_AUTHENTICATION_HEADER"},
+		{"auth", "ACTIVE_CODE_LIVE_MINUTES"}:              {"auth", "ACTIVATE_CODE_LIVES"},
+		{"auth", "RESET_PASSWD_CODE_LIVE_MINUTES"}:        {"auth", "RESET_PASSWORD_CODE_LIVES"},
+		{"auth", "ENABLE_CAPTCHA"}:                        {"auth", "ENABLE_REGISTRATION_CAPTCHA"},
+		{"auth", "ENABLE_NOTIFY_MAIL"}:                    {"user", "ENABLE_EMAIL_NOTIFICATION"},
+		{"auth", "REGISTER_EMAIL_CONFIRM"}:                {"auth", "REQUIRE_EMAIL_CONFIRMATION"},
+		{"session", "GC_INTERVAL_TIME"}:                   {"session", "GC_INTERVAL"},
+		{"session", "SESSION_LIFE_TIME"}:                  {"session", "MAX_LIFE_TIME"},
+		{"server", "ROOT_URL"}:                            {"server", "EXTERNAL_URL"},
+		{"server", "LANDING_PAGE"}:                        {"server", "LANDING_URL"},
+		{"database", "DB_TYPE"}:                           {"database", "TYPE"},
+		{"database", "PASSWD"}:                            {"database", "PASSWORD"},
+	}
+
+	var warnings []string
+
+	for oldSection, newSection := range deprecatedSections {
+		if currentConfig.Section(oldSection).KeyStrings() != nil {
+			warning := fmt.Sprintf("section %s is deprecated, use %s instead", oldSection, newSection)
+			log.Warn(warning)
+			warnings = append(warnings, warning)
+		}
+	}
+
+	for oldSectionOption, newSectionOption := range deprecatedOptions {
+		if currentConfig.Section(oldSectionOption.section).HasKey(oldSectionOption.option) {
+			warning := fmt.Sprintf("option [%s] %s is deprecated, use [%s] %s instead",
+				oldSectionOption.section, oldSectionOption.option,
+				newSectionOption.section, newSectionOption.option)
+			log.Warn(warning)
+			warnings = append(warnings, warning)
+		}
+	}
+
+	// Compare available config with current config
+	availableConfigFS := conf.Files
+	availableConfigData, err := availableConfigFS.ReadFile("app.ini")
+	if err != nil {
+		log.Error("Failed to open available config: %v", err)
+		return warnings
+	}
+
+	availableConfig, err := ini.LoadSources(ini.LoadOptions{
+		IgnoreInlineComment: true,
+	}, availableConfigData)
+	if err != nil {
+		log.Error("Failed to parse available config: %v", err)
+		return warnings
+	}
+
+	for _, currentSection := range currentConfig.Sections() {
+		for _, currentOption := range currentSection.Keys() {
+			if !availableConfig.Section(currentSection.Name()).HasKey(currentOption.Name()) {
+				warning := fmt.Sprintf("option [%s] %s is not in the available config",
+					currentSection.Name(), currentOption.Name())
+				log.Warn(warning)
+				warnings = append(warnings, warning)
+			}
+		}
+	}
+
+	return warnings
+}
+
 // HookMode indicates whether program starts as Git server-side hook callback.
 // All operations should be done synchronously to prevent program exits before finishing.
 //
diff --git a/internal/conf/static_test.go b/internal/conf/static_test.go
index e9b9cb022e7..a789028a002 100644
--- a/internal/conf/static_test.go
+++ b/internal/conf/static_test.go
@@ -5,9 +5,11 @@
 package conf
 
 import (
+	"sort"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"gopkg.in/ini.v1"
 )
 
 func Test_i18n_DateLang(t *testing.T) {
@@ -33,3 +35,69 @@ func Test_i18n_DateLang(t *testing.T) {
 		})
 	}
 }
+
+// TestWarnDeprecated tests the warnDeprecated function.
+// It creates a new ini.File, adds some sections and keys,
+// and then checks if the expected warnings are returned by the function.
+func TestWarnDeprecated(t *testing.T) {
+	cfg := ini.Empty()
+	cfg.Section("mailer").NewKey("ENABLED", "true")
+	cfg.Section("service").NewKey("START_TYPE", "true")
+	cfg.Section("security").NewKey("REVERSE_PROXY_AUTHENTICATION_USER", "true")
+	cfg.Section("auth").NewKey("ACTIVE_CODE_LIVE_MINUTES", "10")
+	cfg.Section("auth").NewKey("RESET_PASSWD_CODE_LIVE_MINUTES", "10")
+	cfg.Section("auth").NewKey("ENABLE_CAPTCHA", "true")
+	cfg.Section("auth").NewKey("ENABLE_NOTIFY_MAIL", "true")
+	cfg.Section("auth").NewKey("REGISTER_EMAIL_CONFIRM", "true")
+	cfg.Section("session").NewKey("GC_INTERVAL_TIME", "10")
+	cfg.Section("session").NewKey("SESSION_LIFE_TIME", "10")
+	cfg.Section("server").NewKey("ROOT_URL", "true")
+	cfg.Section("server").NewKey("LANDING_PAGE", "true")
+	cfg.Section("database").NewKey("DB_TYPE", "true")
+	cfg.Section("database").NewKey("PASSWD", "true")
+	cfg.Section("other").NewKey("SHOW_FOOTER_BRANDING", "true")
+	cfg.Section("other").NewKey("SHOW_FOOTER_TEMPLATE_LOAD_TIME", "true")
+	cfg.Section("email").NewKey("ENABLED", "true")
+	cfg.Section("email").NewKey("key_not_exist", "true")
+
+	expectedDeprecatedWarning := []string{
+		"option [auth] ACTIVE_CODE_LIVE_MINUTES is deprecated, use [auth] ACTIVATE_CODE_LIVES instead",
+		"option [auth] ENABLE_CAPTCHA is deprecated, use [auth] ENABLE_REGISTRATION_CAPTCHA instead",
+		"option [auth] ENABLE_NOTIFY_MAIL is deprecated, use [user] ENABLE_EMAIL_NOTIFICATION instead",
+		"option [auth] REGISTER_EMAIL_CONFIRM is deprecated, use [auth] REQUIRE_EMAIL_CONFIRMATION instead",
+		"option [auth] RESET_PASSWD_CODE_LIVE_MINUTES is deprecated, use [auth] RESET_PASSWORD_CODE_LIVES instead",
+		"option [database] DB_TYPE is deprecated, use [database] TYPE instead",
+		"option [database] PASSWD is deprecated, use [database] PASSWORD instead",
+		"option [security] REVERSE_PROXY_AUTHENTICATION_USER is deprecated, use [auth] REVERSE_PROXY_AUTHENTICATION_HEADER instead",
+		"option [session] GC_INTERVAL_TIME is deprecated, use [session] GC_INTERVAL instead",
+		"option [session] SESSION_LIFE_TIME is deprecated, use [session] MAX_LIFE_TIME instead",
+		"section mailer is deprecated, use email instead",
+		"section service is deprecated, use auth instead",
+		"option [server] ROOT_URL is deprecated, use [server] EXTERNAL_URL instead",
+		"option [server] LANDING_PAGE is deprecated, use [server] LANDING_URL instead",
+	}
+	expectedUnusedWarning := []string{
+		"option [auth] ACTIVE_CODE_LIVE_MINUTES is not in the available config",
+		"option [auth] ENABLE_CAPTCHA is not in the available config",
+		"option [auth] ENABLE_NOTIFY_MAIL is not in the available config",
+		"option [auth] REGISTER_EMAIL_CONFIRM is not in the available config",
+		"option [auth] RESET_PASSWD_CODE_LIVE_MINUTES is not in the available config",
+		"option [database] DB_TYPE is not in the available config",
+		"option [database] PASSWD is not in the available config",
+		"option [email] key_not_exist is not in the available config",
+		"option [mailer] ENABLED is not in the available config",
+		"option [security] REVERSE_PROXY_AUTHENTICATION_USER is not in the available config",
+		"option [server] LANDING_PAGE is not in the available config",
+		"option [server] ROOT_URL is not in the available config",
+		"option [service] START_TYPE is not in the available config",
+		"option [session] GC_INTERVAL_TIME is not in the available config",
+		"option [session] SESSION_LIFE_TIME is not in the available config",
+	}
+
+	expectedWarning := append(expectedDeprecatedWarning, expectedUnusedWarning...)
+	actualWarning := warnDeprecated(cfg)
+	sort.Strings(expectedWarning)
+	sort.Strings(actualWarning)
+	assert.Equal(t, expectedWarning, actualWarning)
+
+}

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/gogs/gogs/pull/7705.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/gogs/gogs/pull/7705.diff" target="_blank">pFad Proxy</a></p><p><a href="http://clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/gogs/gogs/pull/7705.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/gogs/gogs/pull/7705.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>