Updated TLS (markdown)

TLS.md

@@ -1,5 +1,10 @@
 This page explains how to add TLS support for Netbox.
 There are many ways to do this.
+We recommend setting up a reverse proxy that is independent of the Netbox Docker setup.
+You can do this by installing a webserver like _nginx_ on your host machine directly (and forwarding traffic to the container)
+or by running such a webserver in a container, [as explained below on the example of _Hitch_](#tls-using-hitch).
+
+**We strongly advise _against_ changing the Nginx configuration that ships with Netbox Docker.**
 
 ## TLS for localhost
 
@@ -26,13 +31,7 @@ cat localhost+2.pem localhost+2-key.pem > cert_and_key.pem
 
 Continue with [TLS Using Hitch](#tls-using-hitch).
 
-## TLS for the world
-
-In order to setup TLS to serve public traffic to your Netbox it is recommended to set up a reverse proxy that is independent from Netbox.
-You can do this by installing a webserver like _nginx_ on your host machine directly or by running it in a container, [as explained below with _Hitch_](#tls-using-hitch).
-But we strongly advise against changing the Nginx configuration that ships with Netbox Docker.
-
-### TLS Using Hitch
+## TLS Using Hitch
 
 [Hitch](https://hitch-tls.org/) is a high performance TLS proxy by the people behind the famous Varnish.