From b4d453d28f803ae2ca688246afeccbc0e206f3ba Mon Sep 17 00:00:00 2001
From: Kiril KJiroski <kiril.kjiroski@finki.ukim.mk>
Date: Mon, 5 Sep 2022 07:48:54 +0000
Subject: [PATCH] Update install.md

---
 doc/install.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/install.md b/doc/install.md
index 9cda041..143be0c 100644
--- a/doc/install.md
+++ b/doc/install.md
@@ -28,8 +28,9 @@ To test the development version you can clone the repository instead of download
 You can use configuration script named "configure.sh", located in the root folder, in order to use the Configuration Wizzard and more easily enter preferred values for a number of options. This script will help you in following:
 * Create whitelist for use with haproxy, in order to enable access to various tools from certain IP addresses. 
 * By default, following services are accessible only from internal docker network (172.22.0.0/16):
-** HAProxy Stats - Statistics about proxied services/tools and their availability. Generally, you want only a selected number of people to be able to view them.
-
+  * HAProxy Stats - Statistics about proxied services/tools and their availability. Generally, you want only a selected number of people to be able to view them.
+  * ODFE - Direct access to ODFE Elasticsearch containers. Generally, you would need to access them only for debugging purposes.
+* By default, all SOCTools are accessible from the whole Internet. Since we are using certificates for all tools, except for Keycloak and User Management UI, you may want to restrict access to the last two. 
 
 Edit roles/haproxy/files/stats_whitelist.lst in order to manually configure whitelist IP addresses for accessing various tools. You can use access.ips file found in the root folder as starting template.
 * `cat access.ips > roles/haproxy/files/stats_whitelist.lst`
-- 
GitLab