From 814d41fa4a3fb16cae060559194b8f386cbd080a Mon Sep 17 00:00:00 2001
From: Mary J <maryjinglewski@honeycomb.io>
Date: Thu, 7 Dec 2023 16:36:57 -0500
Subject: [PATCH] Incorporate suggestions from code review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Patrice Chalin <chalin@users.noreply.github.com>
Co-authored-by: Juraci Paixão Kröhling <juraci.github@kroehling.de>
---
 content/en/docs/security/_index.md                           | 4 +---
 .../security/otel-collector-configuration-best-practices.md  | 5 ++---
 .../docs/security/otel-collector-hosting-best-practices.md   | 1 +
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/content/en/docs/security/_index.md b/content/en/docs/security/_index.md
index bb46f585994d..266691a48e75 100644
--- a/content/en/docs/security/_index.md
+++ b/content/en/docs/security/_index.md
@@ -1,11 +1,9 @@
 ---
 title: Security
 description: How to use OpenTelemetry Collector securely.
-weight: 90
+weight: 10.1
 ---
 
-## Security
-
 When setting up the OpenTelemetry (OTel) Collector, consider implementing
 security best practices in both your hosting infrastructure and your OTel
 Collector configuration.
diff --git a/content/en/docs/security/otel-collector-configuration-best-practices.md b/content/en/docs/security/otel-collector-configuration-best-practices.md
index 012113c301f9..065b63f59737 100644
--- a/content/en/docs/security/otel-collector-configuration-best-practices.md
+++ b/content/en/docs/security/otel-collector-configuration-best-practices.md
@@ -1,5 +1,6 @@
 ---
 title: OpenTelemetry Collector Configuration Best Practices
+linkTitle: Collector config
 description:
   Follow best practices to securely configure OpenTelemetry Collector.
 weight: 20
@@ -8,8 +9,6 @@ weight: 20
 When setting up configuration for OpenTelemetry (OTel) Collector, consider the
 following practices to better secure your OTel Collector instance.
 
-## Configuration
-
 <!--
 TODO: SHOULD only enable the minimum required components. What are those?
 --->
@@ -33,7 +32,7 @@ today this is not the case.
 ### Safeguards against denial of service attacks
 
 Users should bind receivers' servers to addresses that limit connections to
-authorized users. <!-- Why? -->
+authorized users, so that their Collectors aren't exposed to the public internet or to wider networks than necessary.
 
 For example, if the OTLP receiver OTLP/gRPC server only has local clients, the
 `endpoint` setting SHOULD be bound to `localhost`:
diff --git a/content/en/docs/security/otel-collector-hosting-best-practices.md b/content/en/docs/security/otel-collector-hosting-best-practices.md
index 57b55c02a3a0..36895aaaea74 100644
--- a/content/en/docs/security/otel-collector-hosting-best-practices.md
+++ b/content/en/docs/security/otel-collector-hosting-best-practices.md
@@ -1,5 +1,6 @@
 ---
 title: OpenTelemetry Collector Hosting Best Practices
+linkTitle: Collector hosting
 description: Follow best practices to securely host OpenTelemetry Collector.
 weight: 10
 ---