diff --git a/docs/security.md b/docs/security.md index 48d8703..4d8eb60 100644 --- a/docs/security.md +++ b/docs/security.md @@ -75,7 +75,7 @@ This ensures Docker deployments can shut down cleanly. - We don't support session state. The auth decision is made per-request. - We don't support rate limiting. Use NGINX's limit_req for that. - We don't support IP-based rate limiting. Use NGINX's limit_conn for that. -- We don't support IPv6. If you need IPv6, add it later. +- We support IPv6. The `/api/whitelist` endpoints accept both IPv4 and IPv6 addresses. - We don't support TLS. The auth endpoint should always be served over TLS. - We don't support logging to a file. Logs go to stdout (Docker). - We don't support metrics. If you need metrics, add them later.