diff --git a/security-guide/source/api-endpoints/api-endpoint-configuration-recommendations.rst b/security-guide/source/api-endpoints/api-endpoint-configuration-recommendations.rst index 53c74a87..f635b847 100644 --- a/security-guide/source/api-endpoints/api-endpoint-configuration-recommendations.rst +++ b/security-guide/source/api-endpoints/api-endpoint-configuration-recommendations.rst @@ -151,5 +151,5 @@ It is key that the operator carefully plans and considers the individual performance needs of users and services within their OpenStack cloud when configuring and implementing any rate limiting functionality. -Common solutions for providing rate-limiting are Nginx, HAProxy, OpenRepose, or -Apache Modules such as mod_ratelimit, mod_qos, or mod_security. +Common solutions for providing rate-limiting are :term:`Nginx`, HAProxy, +OpenRepose, or Apache Modules such as mod_ratelimit, mod_qos, or mod_security. diff --git a/security-guide/source/api-endpoints/case-studies.rst b/security-guide/source/api-endpoints/case-studies.rst index 0fae5896..4d529053 100644 --- a/security-guide/source/api-endpoints/case-studies.rst +++ b/security-guide/source/api-endpoints/case-studies.rst @@ -39,8 +39,8 @@ Bob's public cloud ~~~~~~~~~~~~~~~~~~ Bob must also protect the access to the public and private endpoints, so -he elects to use the more lightweight Nginx web server on both public -and internal services. On the public services, he has configured Nginx +he elects to use the more lightweight :term:`Nginx` web server on both public +and internal services. On the public services, he has configured :term:`Nginx` for high availability and has installed the certificate key files with certificates signed by a well-known Certificate Authority. He has used his organization's self-signed CA to sign certificates in the internal diff --git a/security-guide/source/dashboard/case-studies.rst b/security-guide/source/dashboard/case-studies.rst index 954827b7..c93d48a2 100644 --- a/security-guide/source/dashboard/case-studies.rst +++ b/security-guide/source/dashboard/case-studies.rst @@ -43,17 +43,17 @@ Bob's public cloud Bob expects the dashboard to be one of the main methods of interaction users will have with their cloud, and as such he deploys the latest -version of Nginx that has integrated active-passive high-availability +version of :term:`Nginx` that has integrated active-passive high-availability based on keepalived. He makes sure that his networking configuration is configured to handle VRRP (used by keepalived), sets unique values -for the `virtual_router_id` in the Nginx configuration file, determines +for the `virtual_router_id` in the :term:`Nginx` configuration file, determines which instance will start as master, and upates the proper values for the `unicast_src_ip` and `unicast_peer` setttings. He makes sure that both instances have their own copy of the configuration file and the `chk_nginx_service` script is configured to ensure the instances are validating the local node's priority. -Bob then enables HSTS by adding a new response header in the Nginx +Bob then enables HSTS by adding a new response header in the :term:`Nginx` server block, substituting applicable values for and