From 41ee8f31508a1eb20c4b782118a272f0475770b2 Mon Sep 17 00:00:00 2001
From: Johannes Ernst <jernst@users.noreply.github.com>
Date: Wed, 25 Sep 2024 06:49:59 -0700
Subject: [PATCH] Clarify the description of ALLOW_PRIVATE_ADDRESSES (#1533)

Co-authored-by: Johannes Ernst <git@j12t.org>
---
 content/en/admin/config.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/en/admin/config.md b/content/en/admin/config.md
index ff95f3f6f..b588c9869 100644
--- a/content/en/admin/config.md
+++ b/content/en/admin/config.md
@@ -40,7 +40,7 @@ If you have multiple domains pointed at your Mastodon server, this setting will
 
 #### `ALLOWED_PRIVATE_ADDRESSES`
 
-Comma-separated specific addresses/subnets are allowed in outgoing HTTP queries.
+Comma-separated list of private IP addresses/subnets that are allowed in outgoing HTTP requests. Mastodon blocks HTTP requests to hosts on private IP address ranges (like `127.0.0.1` or `192.168.1.1/16`) to prevent [Server-side request forgeries](https://en.wikipedia.org/wiki/Server-side_request_forgery). This setting removes the specified IP addresses/subnets from being blocked.
 
 #### `AUTHORIZED_FETCH`