From 993af6fefde99791d842533fa3d23c0764b46ebd Mon Sep 17 00:00:00 2001
From: ialidzhikov <i.alidjikov@gmail.com>
Date: Mon, 2 Oct 2023 11:00:56 +0300
Subject: [PATCH] Add few more sentences for the debug endpoint

Initially I misunderstood that the debug endpoint has to be disabled in production environments. That's why I created https://github.com/distribution/distribution/issues/4084 and https://github.com/distribution/distribution/issues/4085.
But it turns out that the docs want to state the the debug endpoint should not be exposed publicly to the internet.

Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
---
 docs/configuration.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/configuration.md b/docs/configuration.md
index d5e04ba3..e9151d24 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -821,6 +821,8 @@ can be helpful in diagnosing problems. The debug endpoint can be used for
 monitoring registry metrics and health, as well as profiling. Sensitive
 information may be available via the debug endpoint. Please be certain that
 access to the debug endpoint is locked down in a production environment.
+The debug endpoint should not be exposed publicly to the internet.
+Instead, keep the debug endpoint private or enforce authentication for it.
 
 The `debug` section takes a single required `addr` parameter, which specifies
 the `HOST:PORT` on which the debug server should accept connections.