diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..6cb4183
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,16 @@
+# Rack::Attack: Contributing
+
+Thank you for considering contributing to Rack::Attack.
+
+This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Code of Conduct](CODE_OF_CONDUCT.md).
+
+## How can I help?
+
+Any of the following is greatly appreciated:
+
+* Helping users by answering to their [questions](https://github.com/kickstarter/rack-attack/issues?q=is%3Aopen+is%3Aissue+label%3A%22type%3A+question%22)
+* Helping users troubleshoot their [error reports](https://github.com/kickstarter/rack-attack/issues?q=is%3Aissue+is%3Aopen+label%3A%22type%3A+error+report%22) to figure out if the error is caused by an actual bug or some misconfiguration
+* Giving feedback by commenting in other users [feature requests](https://github.com/kickstarter/rack-attack/issues?q=is%3Aissue+is%3Aopen+label%3A%22type%3A+feature+request%22)
+* Reporting an error you are experiencing
+* Suggesting a new feature you think it would be useful for many users
+* If you want to work on fixing an actual issue and you don't know where to start, those labeled [good first issue](https://github.com/kickstarter/rack-attack/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22) may be a good choice
diff --git a/README.md b/README.md
index 12763fe..78e5e36 100644
--- a/README.md
+++ b/README.md
@@ -402,26 +402,15 @@ less on short-term, one-off hacks to block a particular attack.
 
 ## Contributing
 
-Pull requests and issues are greatly appreciated. This project is intended to be
-a safe, welcoming space for collaboration, and contributors are expected to
-adhere to the [Code of Conduct](CODE_OF_CONDUCT.md).
+Check out the [Contributing guide](CONTRIBUTING.md).
 
-### Testing pull requests
+## Code of Conduct
 
-To run the minitest test suite, you will need both [Redis](https://redis.io/) and
-[Memcached](https://memcached.org/) running locally and bound to IP `127.0.0.1` on
-default ports (`6379` for Redis, and `11211` for Memcached) and able to be
-accessed without authentication.
+This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Code of Conduct](CODE_OF_CONDUCT.md).
 
-Install dependencies by running
-```sh
-bundle install
-```
+## Development setup
 
-Then run the test suite by running
-```sh
-bundle exec rake
-```
+Check out the [Development guide](docs/development.md).
 
 ## Mailing list
 
diff --git a/docs/development.md b/docs/development.md
new file mode 100644
index 0000000..c3fec28
--- /dev/null
+++ b/docs/development.md
@@ -0,0 +1,13 @@
+# Rack::Attack: Development
+
+## Running the tests
+
+You will need both [Redis](https://redis.io/) and [Memcached](https://memcached.org/) running locally and bound to IP `127.0.0.1` on default ports (`6379` for Redis, and `11211` for Memcached) and able to be accessed without authentication.
+
+Install dependencies by running
+
+    $ bundle install
+
+Then run the test suite by running
+
+    $ bundle exec appraisal rake test