[chore] Update READMEs to point to security best practices doc (#36590)

mx-psi · web-flow · commit 539042d0c718 · 2024-11-29T09:37:40.000+01:00
#### Description  Counterpart to open-telemetry/opentelemetry-collector/pull/11773
diff --git a/extension/awsproxy/README.md b/extension/awsproxy/README.md
@@ -41,7 +41,7 @@ The TCP address and port on which this proxy listens for requests.
 
 Default: `localhost:2000`
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:2000`. This feature gate will be removed in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 
 ### proxy_address (Optional)
diff --git a/extension/healthcheckextension/README.md b/extension/healthcheckextension/README.md
@@ -29,7 +29,7 @@ liveness and/or readiness probe on Kubernetes.
 
 The following settings are required:
 
-- `endpoint` (default = localhost:13133): Address to publish the health check status. For full list of `ServerConfig` refer [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/confighttp). You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to 0.0.0.0:13133. This feature gate will be removed in a future release.
+- `endpoint` (default = localhost:13133): Address to publish the health check status. For full list of `ServerConfig` refer [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/confighttp). See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 - `path` (default = "/"): Specifies the path to be configured for the health check server.
 - `response_body` (default = ""): Specifies a static body that overrides the default response returned by the health check service. 
 
diff --git a/extension/healthcheckv2extension/README.md b/extension/healthcheckv2extension/README.md
@@ -35,7 +35,7 @@ liveness and/or readiness probe on Kubernetes.
 
 The following settings are required:
 
-- `endpoint` (default = localhost:13133): Address to publish the health check status. For full list of `ServerConfig` refer [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/confighttp). You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to 0.0.0.0:13133. This feature gate will be removed in a future release.
+- `endpoint` (default = localhost:13133): Address to publish the health check status. For full list of `ServerConfig` refer [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/confighttp). See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 - `path` (default = "/"): Specifies the path to be configured for the health check server.
 - `response_body` (default = ""): Specifies a static body that overrides the default response returned by the health check service.
 - `check_collector_pipeline:` (deprecated and ignored): Settings of collector pipeline health check
diff --git a/extension/jaegerremotesampling/README.md b/extension/jaegerremotesampling/README.md
@@ -17,7 +17,7 @@ By default, two listeners are made available:
 - `localhost:5778`, following the legacy remote sampling endpoint as defined by Jaeger
 - `localhost:14250`, following the gRPC remote sampling endpoint, also defined by Jaeger
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:5778` and `0.0.0.0:14250` respectively. This feature gate will be removed in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 
 Note that the port `14250` will clash with the Jaeger Receiver. When both are used, it's recommended to change this extension to use another port.
diff --git a/processor/remotetapprocessor/README.md b/processor/remotetapprocessor/README.md
@@ -27,7 +27,7 @@ The Remote Tap processor has two configurable fields: `endpoint` and `limit`:
 
 - `endpoint`: The endpoint on which the WebSocket processor listens. Optional. Defaults
   to `localhost:12001`.
-  You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:12001`. This feature gate will be removed in a future release.
+  See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 - `limit`: The rate limit over the WebSocket in messages per second. Can be a
   float or an integer. Optional. Defaults to `1`.
diff --git a/receiver/awsfirehosereceiver/README.md b/receiver/awsfirehosereceiver/README.md
@@ -38,7 +38,7 @@ The address:port to bind the listener to.
 
 default: `localhost:4433`
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:4433`. This feature gate will be removed in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 ### tls:
 See [documentation](https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configtls/README.md#server-configuration) for more details.
diff --git a/receiver/awsxrayreceiver/README.md b/receiver/awsxrayreceiver/README.md
@@ -45,8 +45,7 @@ The UDP address and port on which this receiver listens for X-Ray segment docume
 
 Default: `localhost:2000`
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:2000`. This feature gate will be removed in a future release.
-
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 ### transport (Optional)
 This should always be "udp" as X-Ray SDKs only send segments using UDP.
@@ -61,7 +60,7 @@ The TCP address and port on which this receiver listens for calls from the X-Ray
 
 Default: `0.0.0.0:2000`
 
-The `component.UseLocalHostAsDefaultHost` feature gate changes this to localhost:2000. This will become the default in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 ### proxy_address (Optional)
 Defines the proxy address that the local TCP server forwards HTTP requests to AWS X-Ray backend through. If left unconfigured, requests will be sent directly.
diff --git a/receiver/influxdbreceiver/README.md b/receiver/influxdbreceiver/README.md
@@ -27,7 +27,7 @@ Write responses:
 
 The following configuration options are supported:
 
-* `endpoint` (default = localhost:8086) HTTP service endpoint for the line protocol receiver. You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:8086`. This feature gate will be removed in a future release.
+* `endpoint` (default = localhost:8086) HTTP service endpoint for the line protocol receiver. See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 The full list of settings exposed for this receiver are documented in [config.go](config.go).
 
diff --git a/receiver/jaegerreceiver/README.md b/receiver/jaegerreceiver/README.md
@@ -28,7 +28,7 @@ object configuration parameter.
 - `thrift_compact` (default `endpoint` = localhost:6831)
 - `thrift_http` (default `endpoint` = localhost:14268)
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change tgese endpoints to 0.0.0.0:14250, 0.0.0.0:6832, 0.0.0.0:6831 and 0.0.0.0:14268. This feature gate will be removed in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 Examples:
 
diff --git a/receiver/lokireceiver/README.md b/receiver/lokireceiver/README.md
@@ -21,7 +21,7 @@ This receiver runs HTTP and GRPC servers to ingest log entries in Loki format.
 
 The settings are:
 
-- `endpoint` (required, default = localhost:3500 for HTTP protocol, localhost:3600 gRPC protocol): host:port to which the receiver is going to receive data. You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:3500` and `0.0.0.0:3600`. This feature gate will be removed in a future release.
+- `endpoint` (required, default = localhost:3500 for HTTP protocol, localhost:3600 gRPC protocol): host:port to which the receiver is going to receive data. See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 - `use_incoming_timestamp` (optional, default = false) if set `true` the timestamp from Loki log entry is used
 
 Example:
diff --git a/receiver/opencensusreceiver/README.md b/receiver/opencensusreceiver/README.md
@@ -31,7 +31,7 @@ The following settings are configurable:
 
 - `endpoint` (default = localhost:55678): host:port to which the receiver is
   going to receive data. The valid syntax is described at
-  https://github.com/grpc/grpc/blob/master/doc/naming.md. You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:55678`. This feature gate will be removed in a future release.
+  https://github.com/grpc/grpc/blob/master/doc/naming.md. See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 
 ## Advanced Configuration
diff --git a/receiver/sapmreceiver/README.md b/receiver/sapmreceiver/README.md
@@ -25,7 +25,7 @@ The following settings are required:
 
 - `endpoint` (default = `localhost:7276`): Address and port that the SAPM
   receiver should bind to.
-  You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:7276`. This feature gate will be removed in a future release.
+  See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 The following setting are optional:
 
diff --git a/receiver/signalfxreceiver/README.md b/receiver/signalfxreceiver/README.md
@@ -28,7 +28,7 @@ The following settings are required:
 
 - `endpoint` (default = `localhost:9943`): Address and port that the SignalFx
   receiver should bind to.
-  You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:9943`. This feature gate will be removed in a future release.
+  See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 The following settings are optional:
 
diff --git a/receiver/skywalkingreceiver/README.md b/receiver/skywalkingreceiver/README.md
@@ -32,7 +32,7 @@ object configuration parameter.
 - `grpc` (default `endpoint` = localhost:11800)
 - `http` (default `endpoint` = localhost:12800)
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change these to `0.0.0.0:11800` and `0.0.0.0:12800`. This feature gate will be removed in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 
 Examples:
diff --git a/receiver/splunkhecreceiver/README.md b/receiver/splunkhecreceiver/README.md
@@ -28,7 +28,7 @@ The following settings are required:
 * `endpoint` (default = `localhost:8088`): Address and port that the Splunk HEC
   receiver should bind to.
 
-You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:8088`. This feature gate will be removed in a future release.
+See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 
 The following settings are optional:
 
diff --git a/receiver/zipkinreceiver/README.md b/receiver/zipkinreceiver/README.md
@@ -28,7 +28,7 @@ receivers:
 
 The following settings are configurable:
 
-- `endpoint` (default = localhost:9411): host:port on which the receiver is going to receive data.You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:9411`. This feature gate will be removed in a future release.  For full list of `ServerConfig` refer [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/confighttp).
+- `endpoint` (default = localhost:9411): host:port on which the receiver is going to receive data.See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.  For full list of `ServerConfig` refer [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/confighttp).
 - `parse_string_tags` (default = false): if enabled, the receiver will attempt to parse string tags/binary annotations into int/bool/float.
 
 ## Advanced Configuration
diff --git a/receiver/zookeeperreceiver/README.md b/receiver/zookeeperreceiver/README.md
@@ -17,7 +17,7 @@ to be enabled for the receiver to be able to collect metrics.
 
 ## Configuration
 
-- `endpoint`: (default = `localhost:2181`) Endpoint to connect to collect metrics. Takes the form `host:port`. You can temporarily disable the `component.UseLocalHostAsDefaultHost` feature gate to change this to `0.0.0.0:2181`. This feature gate will be removed in a future release.
+- `endpoint`: (default = `localhost:2181`) Endpoint to connect to collect metrics. Takes the form `host:port`. See our [security best practices doc](https://opentelemetry.io/docs/security/config-best-practices/#protect-against-denial-of-service-attacks) to understand how to set the endpoint in different environments.
 - `timeout`: (default = `10s`) Timeout within which requests should be completed.
 - `initial_delay` (default = `1s`): defines how long this receiver waits before starting.
 
