diff --git a/en/docs/install-and-setup/setup/security/securing-api-m-web-portals.md b/en/docs/install-and-setup/setup/security/securing-api-m-web-portals.md index 4307428282..8dc21f02fd 100644 --- a/en/docs/install-and-setup/setup/security/securing-api-m-web-portals.md +++ b/en/docs/install-and-setup/setup/security/securing-api-m-web-portals.md @@ -32,24 +32,7 @@ session_timeout = "30m" ## Restricting access to web portals -You can restrict access to the management console of the API-M runtime by binding the management console with selected IP addresses. Note that you can either restrict access to the management console only, or you can restrict access to all web portals as explained below. - -- To control access only to the management console, add the following configuration to the `/repository/conf/deployment.toml` file: - - ```toml - [admin_console.control_access] - enable = true - allow = ["IP1", "IP2", "IP3"] - ``` - - This adds a `RemoteAddrValve` Tomcat valve in the `/repository/conf/tomcat/carbon/META-INF/context.xml` file and it will only apply to the Carbon management console, and thereby all outside requests to the management console will be blocked. - - -
-

Note

-

When you enable access control for the management console, only the IP addresses specified in the allow parameter will have access. All other IP addresses will be blocked. Make sure to include all IP addresses that require access to the management console in the whitelist.

-
- +You can restrict access to the management console of the API-M runtime by binding the management console with selected IP addresses. Note that you can restrict access to all web portals as explained below. - To control access to all web applications deployed in your server, add the following configuration to the `/repository/conf/deployment.toml` file: