From 0e9767cd77a601a2478079a6e8ad4c0327aed790 Mon Sep 17 00:00:00 2001
From: Aliaksandr Valialkin <valyala@victoriametrics.com>
Date: Fri, 8 Nov 2024 16:37:08 +0100
Subject: [PATCH] docs/VictoriaLogs/README.md: add `Security` chapter

It is inspired by https://github.com/VictoriaMetrics/VictoriaMetrics/pull/7428#discussion_r1831555716

(cherry picked from commit 62e6c9bd6f281708f70c44bf3a2c4cf22e370269)
---
 docs/VictoriaLogs/README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docs/VictoriaLogs/README.md b/docs/VictoriaLogs/README.md
index a48cd2766..4d0457398 100644
--- a/docs/VictoriaLogs/README.md
+++ b/docs/VictoriaLogs/README.md
@@ -244,6 +244,13 @@ VictoriaLogs has very low overhead for per-tenant management, so it is OK to hav
 
 VictoriaLogs doesn't perform per-tenant authorization. Use [vmauth](https://docs.victoriametrics.com/vmauth/) or similar tools for per-tenant authorization.
 
+## Security
+
+It is expected that VictoriaLogs runs in a protected environment, which is unreachable from the Internet without proper authorization.
+It is recommended providing access to VictoriaLogs [data ingestion APIs](https://docs.victoriametrics.com/victorialogs/data-ingestion/)
+and [querying APIs](https://docs.victoriametrics.com/victorialogs/querying/#http-api) via [vmauth](https://docs.victoriametrics.com/vmauth/)
+or similar authorization proxies.
+
 ## Benchmarks
 
 Here is a [benchmark suite](https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/deployment/logs-benchmark) for comparing data ingestion performance