From 7a94540dbfbc78ffd1cf6aef53f17d1d96ca330f Mon Sep 17 00:00:00 2001
From: TomShawn <41534398+TomShawn@users.noreply.github.com>
Date: Thu, 11 Jun 2020 10:22:55 +0800
Subject: [PATCH] cherry pick #2767 to release-4.0

Signed-off-by: sre-bot <sre-bot@pingcap.com>
---
 dashboard/dashboard-faq.md               | 4 ++--
 dashboard/dashboard-ops-deploy.md        | 2 +-
 dashboard/dashboard-ops-reverse-proxy.md | 4 ++--
 dashboard/dashboard-ops-security.md      | 4 ++--
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/dashboard/dashboard-faq.md b/dashboard/dashboard-faq.md
index aa6edbf3f3186..6fc7f3c76362b 100644
--- a/dashboard/dashboard-faq.md
+++ b/dashboard/dashboard-faq.md
@@ -16,13 +16,13 @@ When multiple Placement Driver (PD) instances are deployed in a cluster, only on
 
 - See [TiDB Dashboard Multi-PD Instance Deployment](/dashboard/dashboard-ops-deploy.md#) to learn the working principle of TiDB Dashboard with multiple PD instances.
 - See [Use TiDB Dashboard through a Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md) to learn how to correctly configure a reverse proxy.
-- See [Improve TiDB Dashboard Security](/dashboard/dashboard-ops-security.md) to learn how to correctly configure the firewall.
+- See [Secure TiDB Dashboard](/dashboard/dashboard-ops-security.md) to learn how to correctly configure the firewall.
 
 ### When TiDB Dashboard is deployed with dual network interface cards (NICs), TiDB Dashboard cannot be accessed using another NIC
 
 For security reasons, TiDB Dashboard on PD only monitors the IP addresses specified during deployment (that is, it only listens on one NIC), not on `0.0.0.0`. Therefore, when multiple NICs are installed on the host, you cannot access TiDB Dashboard using another NIC.
 
-If you have deployed TiDB using the `tiup cluster` or `tiup playground` command, currently this problem cannot be solved. It is recommended that you use a reverse proxy to safely expose TiDB Dashboard to another NIC. For details, see [Use TiDB Dashboard through Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md).
+If you have deployed TiDB using the `tiup cluster` or `tiup playground` command, currently this problem cannot be solved. It is recommended that you use a reverse proxy to safely expose TiDB Dashboard to another NIC. For details, see [Use TiDB Dashboard behind a Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md).
 
 ## UI-related FAQ
 
diff --git a/dashboard/dashboard-ops-deploy.md b/dashboard/dashboard-ops-deploy.md
index 0c7686a282b1b..b34eac0e91fb9 100644
--- a/dashboard/dashboard-ops-deploy.md
+++ b/dashboard/dashboard-ops-deploy.md
@@ -136,4 +136,4 @@ You can also re-enable TiDB Dashboard by manually specifying the PD instance tha
 
 - To learn how to access and log into the TiDB Dashboard UI, see [Access TiDB Dashboard](/dashboard/dashboard-access.md).
 
-- To learn how to enhance the security of TiDB Dashboard, such as configuring a firewall, see [Improve TiDB Dashboard Security](/dashboard/dashboard-ops-security.md).
+- To learn how to enhance the security of TiDB Dashboard, such as configuring a firewall, see [Secure TiDB Dashboard](/dashboard/dashboard-ops-security.md).
diff --git a/dashboard/dashboard-ops-reverse-proxy.md b/dashboard/dashboard-ops-reverse-proxy.md
index ad87fe9d8e1b0..769d15c5a0231 100644
--- a/dashboard/dashboard-ops-reverse-proxy.md
+++ b/dashboard/dashboard-ops-reverse-proxy.md
@@ -59,7 +59,7 @@ When you use [NGINX](https://nginx.org/) as the reverse proxy, take the followin
 
    > **Warning:**
    >
-   > You must keep the `/dashboard/` path in the `proxy_pass` directive to ensure that only the services under this path are reverse proxied. Otherwise, security risks will be introduced. See [Improve TiDB Dashboard Security](/dashboard/dashboard-ops-security.md).
+   > You must keep the `/dashboard/` path in the `proxy_pass` directive to ensure that only the services under this path are reverse proxied. Otherwise, security risks will be introduced. See [Secure TiDB Dashboard](/dashboard/dashboard-ops-security.md).
 
 2. Restart NGINX for the configuration to take effect.
 
@@ -180,7 +180,7 @@ server {
 
 > **Warning:**
 >
-> Keep the `/dashboard/` path in the `proxy_pass` directive to ensure that only the services under this path are reverse proxied. Otherwise, security risks will be introduced. See [Improve TiDB Dashboard Security](/dashboard/dashboard-ops-security.md).
+> Keep the `/dashboard/` path in the `proxy_pass` directive to ensure that only the services under this path are reverse proxied. Otherwise, security risks will be introduced. See [Secure TiDB Dashboard](/dashboard/dashboard-ops-security.md).
 
 Change `http://192.168.0.123:2379/dashboard/` in the configuration to the actual address of the TiDB Dashboard obtained in [Step 1: Get the actual TiDB Dashboard address](#step-1-get-the-actual-tidb-dashboard-address).
 
diff --git a/dashboard/dashboard-ops-security.md b/dashboard/dashboard-ops-security.md
index 46ec762c268be..a2d0cfbc8af25 100644
--- a/dashboard/dashboard-ops-security.md
+++ b/dashboard/dashboard-ops-security.md
@@ -26,7 +26,7 @@ It is recommended that you take the following measures:
     >
     > TiDB, TiKV, and other components need to communicate with the PD component through the PD client port, so do not block access to the internal network between components. Otherwise, the cluster will become unavailable.
 
-+ See [Use TiDB Dashboard through Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md) to learn how to configure the reverse proxy to safely provide the TiDB Dashboard service on another port to the external network.
++ See [Use TiDB Dashboard behind a Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md) to learn how to configure the reverse proxy to safely provide the TiDB Dashboard service on another port to the external network.
 
 ### How to open access to TiDB Dashboard port when deploying multiple PD instances
 
@@ -71,7 +71,7 @@ In this example, the firewall needs to be configured with inbound access for the
 
 As mentioned in [Use a firewall to block untrusted access](#use-a-firewall-to-block-untrusted access), the services provided under the PD client port include not only TiDB Dashboard (located at <http://IP:2379/dashboard/>), but also other privileged interfaces in PD (such as <http://IP:2379/pd/api/v1/members>). Therefore, when using a reverse proxy to provide TiDB Dashboard to the external network, ensure that the services **ONLY** with the `/dashboard` prefix are provided (**NOT** all services under the port) to avoid that the external network can access the privileged interface in PD through the reverse proxy.
 
-It is recommended that you see [Use TiDB Dashboard through Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md) to learn a safe and recommended reverse proxy configuration.
+It is recommended that you see [Use TiDB Dashboard behind a Reverse Proxy](/dashboard/dashboard-ops-reverse-proxy.md) to learn a safe and recommended reverse proxy configuration.
 
 ## Other recommended safety measures