From 5a70910dceeed4e57651128c1887f94f815c3153 Mon Sep 17 00:00:00 2001 From: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com> Date: Mon, 29 Jul 2024 12:12:04 +0200 Subject: [PATCH] Improve explanation on API exposition --- docs/content/operations/api.md | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/docs/content/operations/api.md b/docs/content/operations/api.md index 3b30993a5..f6786f6d5 100644 --- a/docs/content/operations/api.md +++ b/docs/content/operations/api.md @@ -16,13 +16,9 @@ including sensitive data. In production, it should be at least secured by authentication and authorizations. -A good sane default (non exhaustive) set of recommendations -would be to apply the following protection mechanisms: - -* At the transport level: - NOT publicly exposing the API's port, - keeping it restricted to internal networks - (as in the [principle of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege), applied to networks). +!!! info + It's recommended to NOT publicly exposing the API's port, keeping it restricted to internal networks + (as in the [principle of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege), applied to networks). ## Configuration