Slight documentation fixes

docs/configuring.rst

@@ -12,9 +12,8 @@ Settings
 ~~~~~~~~
 * ``TMPDIR`` is a path that defines where ``DNF`` will store it's repository
   cache.
-* ``REPOSITORIES`` defines which repositories can be queried and has the
-  following structure. Configured repositories will automatically show up in the
-  top menu.
+* ``REPOSITORIES`` defines which repositories can be queried. Configured
+  repositories will automatically show up in the top menu.
 * ``TAGS`` is a string matcher. It will automatically create a link in the
   ``Compare`` tab of the top menu for comparing repositories that match the tag
   string.
@@ -27,4 +26,4 @@ Settings
 Read on the `running documentation`_ to see how to get ``rpm-versiontracker``
 to run.
 
-.. _running documentation: running.html
+.. _running documentation: running.html

docs/installing.rst

@@ -22,4 +22,4 @@ will be running it from::
 Read on the `configuration documentation`_ to see how to configure
 ``rpm-versiontracker``.
 
-.. _configuration documentation: configuration.html
+.. _configuration documentation: configuring.html

docs/running.rst

@@ -29,6 +29,10 @@ Perhaps your favorite setup is with `Apache and mod_wsgi`_ or you're used to
 What you need to know is that the application to start is ``run:app`` where
 ``run`` references `run.py`_ and ``app`` the actual Flask application.
 
+The REST API is currently unrestricted. It is highly recommended to secure
+access to it with the help of a web server or other means as it could fairly
+easily be abused or used in amplification attacks.
+
 .. _documentation: http://flask.pocoo.org/docs/0.10/deploying/
 .. _Apache and mod_wsgi: http://flask.pocoo.org/docs/0.10/deploying/mod_wsgi/
 .. _gunicorn: http://flask.pocoo.org/docs/0.10/deploying/wsgi-standalone/#gunicorn