Add correct language for --rest-api-host-allowlist

docs/reference/cli/index.md

@@ -2745,7 +2745,7 @@
 ### `rest-api-host-allowlist`
 
 <Tabs>
-  <TabItem value="Syntax" label="Syntax" default>
+ <TabItem value="Syntax" label="Syntax" default>
 
 ```bash
 --rest-api-host-allowlist=<hostname>[,<hostname>...]... or "*"
@@ -2755,32 +2755,33 @@
  <TabItem value="Example" label="Example" >
 
 ```bash
---rest-api-host-allowlist=medomain.com,meotherdomain.com
+--rest-api-host-allowlist=localhost,127.0.0.1,192.168.1.3
 ```
-
  </TabItem>
  <TabItem value="Environment variable" label="Environment variable" >
 
 ```bash
-TEKU_REST_API_HOST_ALLOWLIST=medomain.com,meotherdomain.com
+TEKU_REST_API_HOST_ALLOWLIST=localhost,127.0.0.1,192.168.1.3
 ```
-
  </TabItem>
  <TabItem value="Configuration file" label="Configuration file" >
 
 ```bash
-rest-api-host-allowlist: ["medomain.com", "meotherdomain.com"]
+rest-api-host-allowlist: ["localhost", "127.0.0.1", "192.168.1.3"]
 ```
-
  </TabItem>
 </Tabs>
 
-A comma-separated list of hostnames to allow access to the REST API.
-By default, Teku accepts access from `localhost` and `127.0.0.1`.
+A comma-separated list of hostnames or IP addresses from which the REST API server will respond. This flag restricts the server's responding addresses, but not the client access.
+
+You can listen on all addresses using `--rest-api-listen-address="*"` but restrict responses to specific hosts with this flag.
+
+By default, Teku's REST API server responds only to requests where the Host header matches `localhost` or `127.0.0.1`.
+If you specify values, the server will only respond to requests where the Host header matches one of the specified hosts or IP addresses.
 
 :::warning
 
-Only trusted parties should access the REST API.
+Only trusted parties should access the REST API`
 Do not directly expose these APIs publicly on production nodes.
 
 We don't recommend allowing all hostnames (`"*"`) for production environments.