[DOCS]Clarify that by default server.host only allows local connections (#52802) (#52947)

* [DOCS]Clarify that by default server.host only allows local connections

* Update docs/setup/access.asciidoc

Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>

* Update docs/setup/settings.asciidoc

Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>

* Update docs/setup/settings.asciidoc

Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>

Author: Melori Arellano

docs/images/kibana-status-page-7_5_0.png

@@ -2,8 +2,8 @@
 == Accessing Kibana
 
 Kibana is a web application that you access through port 5601. All you need to do is point your web browser at the
-machine where Kibana is running and specify the port number. For example, `localhost:5601` or
-`http://YOURDOMAIN.com:5601`.
+machine where Kibana is running and specify the port number. For example, `localhost:5601` or `http://YOURDOMAIN.com:5601`.
+If you want to allow remote users to connect, set the parameter `server.host` in `kibana.yml` to a non-loopback address.
 
 When you access Kibana, the <<discover,Discover>> page loads by default with the default index pattern selected. The
 time filter is set to the last 15 minutes and the search query is set to match-all (\*).
@@ -15,9 +15,10 @@ If you still don't see any results, it's possible that you don't *have* any docu
 [[status]]
 === Checking Kibana Status
 
-You can reach the Kibana server's status page by navigating to `localhost:5601/status`. The status page displays
+You can reach the Kibana server's status page by navigating to the status endpoint, for example, `localhost:5601/status`. The status page displays
 information about the server's resource usage and lists the installed plugins.
 
-image::images/kibana-status-page.png[]
+[role="screenshot"]
+image::images/kibana-status-page-7_5_0.png[]
 
 NOTE: For JSON-formatted server status details, use the API endpoint at `localhost:5601/api/status`

docs/images/kibana-status-page.png

@@ -7,9 +7,7 @@ if you installed {kib} from an archive distribution (`.tar.gz` or `.zip`), by
 default it is in `$KIBANA_HOME/config`. By default, with package distributions
 (Debian or RPM), it is in `/etc/kibana`.
 
-The default settings configure Kibana to run on `localhost:5601`. To change the
-host or port number, or connect to Elasticsearch running on a different machine,
-you'll need to update your `kibana.yml` file. You can also enable SSL and set a
+The default host and port settings configure {kib} to run on `localhost:5601`. To change this behavior and allow remote users to connect, you'll need to update your `kibana.yml` file. You can also enable SSL and set a
 variety of other options. Finally, environment variables can be injected into
 configuration using `${MY_ENV_VAR}` syntax.
 
@@ -32,7 +30,7 @@ strongly recommend that you keep the default CSP rules that ship with Kibana.
 
 `csp.strict:`:: *Default: `false`* Blocks access to Kibana to any browser that
 does not enforce even rudimentary CSP rules. In practice, this will disable
-support for older, less safe browsers like Internet Explorer. 
+support for older, less safe browsers like Internet Explorer.
 See <<csp-strict-mode, Content Security Policy>> for more information.
 
 `csp.warnLegacyBrowsers:`:: *Default: `true`* Shows a warning message after
@@ -65,7 +63,7 @@ connects to this Kibana instance.
 `elasticsearch.requestHeadersWhitelist:`:: *Default: `[ 'authorization' ]`* List
 of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
 headers, set this value to [] (an empty list).
-Removing the `authorization` header from being whitelisted means that you cannot 
+Removing the `authorization` header from being whitelisted means that you cannot
 use <<basic-authentication, basic authentication>> in Kibana.
 
 `elasticsearch.requestTimeout:`:: *Default: 30000* Time in milliseconds to wait
@@ -171,19 +169,19 @@ The following example shows a valid logging rotate configuration:
 enable log rotation. If you do not have a `logging.dest` set that is different from `stdout`
 that feature would not take any effect.
 
-`logging.rotate.everyBytes:`:: [experimental] *Default: 10485760* The maximum size of a log file (that is `not an exact` limit). After the 
+`logging.rotate.everyBytes:`:: [experimental] *Default: 10485760* The maximum size of a log file (that is `not an exact` limit). After the
 limit is reached, a new log file is generated. The default size limit is 10485760 (10 MB) and
 this option should be at least greater than 1024.
 
-`logging.rotate.keepFiles:`:: [experimental] *Default: 7* The number of most recent rotated log files to keep 
-on disk. Older files are deleted during log rotation. The default value is 7. The `logging.rotate.keepFiles` 
+`logging.rotate.keepFiles:`:: [experimental] *Default: 7* The number of most recent rotated log files to keep
+on disk. Older files are deleted during log rotation. The default value is 7. The `logging.rotate.keepFiles`
 option has to be in the range of 2 to 1024 files.
 
-`logging.rotate.pollingInterval:`:: [experimental] *Default: 10000* The number of milliseconds for the polling strategy in case 
+`logging.rotate.pollingInterval:`:: [experimental] *Default: 10000* The number of milliseconds for the polling strategy in case
 the `logging.rotate.usePolling` is enabled. That option has to be in the range of 5000 to 3600000 milliseconds.
 
-`logging.rotate.usePolling:`:: [experimental] *Default: false* By default we try to understand the best way to monitoring 
-the log file. However, there is some systems where it could not be always accurate. In those cases, if needed, 
+`logging.rotate.usePolling:`:: [experimental] *Default: false* By default we try to understand the best way to monitoring
+the log file. However, there is some systems where it could not be always accurate. In those cases, if needed,
 the `polling` method could be used enabling that option.
 
 `logging.silent:`:: *Default: false* Set the value of this setting to `true` to
@@ -311,7 +309,7 @@ This setting may not be used when `server.compression.enabled` is set to `false`
   send on all responses to the client from the Kibana server.
 
 `server.host:`:: *Default: "localhost"* This setting specifies the host of the
-back end server.
+back end server. To allow remote users to connect, set the value to the IP address or DNS name of the {kib} server.
 
 `server.keepaliveTimeout:`:: *Default: "120000"* The number of milliseconds to wait for additional data before restarting
 the `server.socketTimeout` counter.
@@ -364,15 +362,15 @@ supported protocols with versions. Valid protocols: `TLSv1`, `TLSv1.1`, `TLSv1.2
 setting this to `true` enables unauthenticated users to access the Kibana server
 status API and status page.
 
-`telemetry.allowChangingOptInStatus`:: *Default: true*. If `true`, 
-users are able to change the telemetry setting at a later time in 
-<<advanced-options, Advanced Settings>>.  If `false`, 
-{kib} looks at the value of `telemetry.optIn` to determine whether to send 
+`telemetry.allowChangingOptInStatus`:: *Default: true*. If `true`,
+users are able to change the telemetry setting at a later time in
+<<advanced-options, Advanced Settings>>.  If `false`,
+{kib} looks at the value of `telemetry.optIn` to determine whether to send
 telemetry data or not. `telemetry.allowChangingOptInStatus` and `telemetry.optIn`
 cannot be `false` at the same time.
 
-`telemetry.optIn`:: *Default: true* If `true`, telemetry data is sent to Elastic. 
- If `false`, collection of telemetry data is disabled.  
+`telemetry.optIn`:: *Default: true* If `true`, telemetry data is sent to Elastic.
+ If `false`, collection of telemetry data is disabled.
  To enable telemetry and prevent users from disabling it,
  set `telemetry.allowChangingOptInStatus` to `false` and `telemetry.optIn` to `true`.