From: Francis Dupont <fdupont@isc.org>
Date: Sat, 13 Jun 2026 08:18:43 +0000 (+0200)
Subject: [#4228] Updated firewall point
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b2f012e2cc617501ade65a2d64823f4e3fe73cf6;p=thirdparty%2Fkea.git

[#4228] Updated firewall point
---

diff --git a/doc/sphinx/arm/security.rst b/doc/sphinx/arm/security.rst
index 1cce2cfc3c..4f0b2e6148 100644
--- a/doc/sphinx/arm/security.rst
+++ b/doc/sphinx/arm/security.rst
@@ -522,7 +522,7 @@ DHCP and DDNS servers exposes a RESTful API over HTTP or HTTPS (HTTP over TLS).
 These control channels are optional features that are disabled by default, but it is very popular. When enabled, it listens on the
 loopback address (127.0.0.1 or ::1) by default, unless configured otherwise. See :ref:`tls`
 for information about protecting the TLS traffic. Limiting the incoming connections with a firewall, such as
-iptables, is generally a good idea.
+iptables, is strongly recommended.
 
 Note that in High Availability (HA) deployments, a multi-threaded dedicated
 listener can be configured to serve the HA protocol using the RESTful API