diff --git a/Security-Overview.md b/Security-Overview.md index a0cf3a2..ba9234c 100644 --- a/Security-Overview.md +++ b/Security-Overview.md @@ -13,12 +13,10 @@ Server | Service | Note master | gRPC | secured by mutual TLS volume | gRPC | secured by mutual TLS filer | gRPC | secured by mutual TLS -master | http REST write | "weed master -httpReadOnly", disable http operations, only gRPC operations are allowed. -master | http REST read | unprotected, exposing the UI, and stats -filer | http REST write | "weed master -port.public", add port for read only -filer | http REST read | unprotected +master | http REST | "weed master -disableHttp", disable http operations, only gRPC operations are allowed. +filer | http REST | "weed filer -disableHttp", disable http operations, only gRPC operations are allowed. volume | http REST write | set `jwt.signing.key` in `security.toml` in master and volume servers to check token for write operations -volume | http REST read | unprotected +volume | http REST read | unprotected, but url is not guessable # Generate `security.toml` file
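Review bot: In the `volume | http REST read` row, "unprotected, but url is not guessable" presents an unguessable URL as a mitigation while the same row still says reads are unprotected. Anyone who obtains a URL, for example from logs or a shared link, can read the file. Suggest stating what makes the URL hard to guess and saying plainly that it is not access control, e.g. "unprotected; anyone holding the file URL can read it". Separately, the new `master` and `filer` rows drop the removed "unprotected" and "exposing the UI, and stats" notes, so the table no longer says what is reachable over HTTP when `-disableHttp` is not passed. Consider keeping a note on each row that describes the exposure without the flag.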