diff --git a/docs/recipes/nginx.md b/docs/recipes/nginx.md index 81c44846..1f039f61 100644 --- a/docs/recipes/nginx.md +++ b/docs/recipes/nginx.md @@ -38,11 +38,10 @@ you want through the secondary authentication mechanism implemented inside your proxy, it also requires that you move TLS termination from the Registry to the proxy itself. -> Another important thing to note is that by binding your registry to -> `localhost:5000` without authentication, you open up a potential loophole in -> your Docker Registry security - anyone who can log on to the server where your -> Docker Registry is running can push images to your registry, without -> authentication. This could have potentially devastating effects. +> ***NOTE:*** Docker does not recommend binding your registry to `localhost:5000` without +> authentication. This creates a potential loophole in your Docker Registry security. +> As a result, anyone with access to your Docker Registry can push images without +> authentication. Furthermore, introducing an extra http layer in your communication pipeline makes it more complex to deploy, maintain, and debug. Make sure the extra