diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 56a022ca2..1222b6c9f 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,35 +1,20 @@
 version: 2
 updates:
-  - package-ecosystem: pip
-    directory: "/docs"
+  - package-ecosystem: github-actions
+    directory: "/"
     schedule:
       interval: daily
-      time: "04:00"
-      timezone: "Europe/Berlin"
-    labels:
-      - "cookiecutter"
-      - "dependencies"
-      - "python"
-    open-pull-requests-limit: 99
+      time: "09:00"
+    open-pull-requests-limit: 10
   - package-ecosystem: pip
     directory: "/.github/workflows"
     schedule:
       interval: daily
-      time: "04:00"
-      timezone: "Europe/Berlin"
-    labels:
-      - "cookiecutter"
-      - "dependencies"
-      - "python"
-    open-pull-requests-limit: 99
-  - package-ecosystem: github-actions
-    directory: "/"
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/docs"
     schedule:
       interval: daily
-      time: "04:00"
-      timezone: "Europe/Berlin"
-    labels:
-      - "cookiecutter"
-      - "dependencies"
-      - "github_actions"
-    open-pull-requests-limit: 99
+      time: "09:00"
+    open-pull-requests-limit: 10
diff --git a/README.rst b/README.rst
index 822959257..93b990ffb 100644
--- a/README.rst
+++ b/README.rst
@@ -227,7 +227,7 @@ Dependabot
 
 1. Sign up at Dependabot_.
 2. Install their GitHub app.
-
+3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`.
 
 Read the Docs
 ~~~~~~~~~~~~~
diff --git a/docs/guide.rst b/docs/guide.rst
index 301f4ace1..726fdd566 100644
--- a/docs/guide.rst
+++ b/docs/guide.rst
@@ -405,7 +405,7 @@ and links each file to a section with more details.
    ===================================== ========================================
    ``.cookiecutter.json``                :ref:`Project variables <Creating a project>`
    ``.darglint``                         Configuration for :ref:`darglint <darglint integration>`
-   ``.dependabot/config.yml``            Configuration for :ref:`Dependabot <Dependabot integration>`
+   ``.github/dependabot.yml``            Configuration for :ref:`Dependabot <Dependabot integration>`
    ``.flake8``                           Configuration for :ref:`Flake8 <The Flake8 hook>`
    ``.gitattributes``                    `Git attributes <.gitattributes_>`__
    ``.gitignore``                        `Git ignore file <.gitignore_>`__
@@ -1925,11 +1925,12 @@ Follow these steps to set up Dependabot for your repository:
 
 1. Sign up at Dependabot_.
 2. Install their GitHub app.
+3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`.
 
 The configuration is included in the repository,
-in the file `.dependabot/config.yml`__.
+in the file `.github/dependabot.yml`__.
 
-__ https://dependabot.com/docs/config-file/
+__ https://help.github.com/en/github/administering-a-repository/customizing-dependency-updates
 
 Dependabot integrates with your repository via its GitHub app.
 
diff --git a/{{cookiecutter.project_name}}/.dependabot/config.yml b/{{cookiecutter.project_name}}/.dependabot/config.yml
deleted file mode 100644
index 837e3e88d..000000000
--- a/{{cookiecutter.project_name}}/.dependabot/config.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-version: 1
-update_configs:
-  - package_manager: "python"
-    directory: "/"
-    update_schedule: "daily"
-    allowed_updates:
-      - match:
-          update_type: "all"
-  - package_manager: "python"
-    directory: "/docs"
-    update_schedule: "daily"
-    allowed_updates:
-      - match:
-          update_type: "all"
-  - package_manager: "python"
-    directory: "/.github/workflows"
-    update_schedule: "daily"
-    allowed_updates:
-      - match:
-          update_type: "all"
-  - package_manager: "github_actions"
-    directory: "/"
-    update_schedule: "daily"
-    allowed_updates:
-      - match:
-          update_type: "all"
diff --git a/{{cookiecutter.project_name}}/.github/dependabot.yml b/{{cookiecutter.project_name}}/.github/dependabot.yml
new file mode 100644
index 000000000..6f8d6fa5a
--- /dev/null
+++ b/{{cookiecutter.project_name}}/.github/dependabot.yml
@@ -0,0 +1,26 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/.github/workflows"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/docs"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10