Merge pull request rancher#1333 from martyav/1283-update-rancher-secu…

…rity-best-practices-to-address-public-ip-exposure

RKE update towards rancher#1283 - update rancher security best practices to address public ip exposure

docs/reference-guides/rancher-security/rancher-security-best-practices.md

@@ -25,6 +25,6 @@ If you require such features, combine Layer 7 firewalls with [external authentic
 You should protect the following ports behind an [external load balancer](../../how-to-guides/new-user-guides/kubernetes-resources-setup/load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#layer-4-load-balancer) that has SSL offload enabled:
 
 - **K3s:** Port 6443, used by the Kubernetes API.
-- **RKE2:** Port 6443, used by the Kubernetes API, and port 9345, used for node registration. 
+- **RKE and RKE2:** Port 6443, used by the Kubernetes API, and port 9345, used for node registration. 
 
 These ports have TLS SAN certificates which list nodes' public IP addresses. An attacker could use that information to gain unauthorized access or monitor activity on the cluster. Protecting these ports helps mitigate against nodes' public IP addresses being disclosed to potential attackers.

versioned_docs/version-2.7/reference-guides/rancher-security/rancher-security-best-practices.md

@@ -25,6 +25,6 @@ If you require such features, combine Layer 7 firewalls with [external authentic
 You should protect the following ports behind an [external load balancer](../../how-to-guides/new-user-guides/kubernetes-resources-setup/load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#layer-4-load-balancer) that has SSL offload enabled:
 
 - **K3s:** Port 6443, used by the Kubernetes API.
-- **RKE2:** Port 6443, used by the Kubernetes API, and port 9345, used for node registration. 
+- **RKE and RKE2:** Port 6443, used by the Kubernetes API, and port 9345, used for node registration. 
 
 These ports have TLS SAN certificates which list nodes' public IP addresses. An attacker could use that information to gain unauthorized access or monitor activity on the cluster. Protecting these ports helps mitigate against nodes' public IP addresses being disclosed to potential attackers.

versioned_docs/version-2.8/reference-guides/rancher-security/rancher-security-best-practices.md

@@ -25,6 +25,6 @@ If you require such features, combine Layer 7 firewalls with [external authentic
 You should protect the following ports behind an [external load balancer](../../how-to-guides/new-user-guides/kubernetes-resources-setup/load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#layer-4-load-balancer) that has SSL offload enabled:
 
 - **K3s:** Port 6443, used by the Kubernetes API.
-- **RKE2:** Port 6443, used by the Kubernetes API, and port 9345, used for node registration. 
+- **RKE and RKE2:** Port 6443, used by the Kubernetes API, and port 9345, used for node registration. 
 
 These ports have TLS SAN certificates which list nodes' public IP addresses. An attacker could use that information to gain unauthorized access or monitor activity on the cluster. Protecting these ports helps mitigate against nodes' public IP addresses being disclosed to potential attackers.