From e28f71c8cc3e4fd422691be71fcc02fa41b38915 Mon Sep 17 00:00:00 2001
From: Dan LeGate <54772952+MarieTay@users.noreply.github.com>
Date: Thu, 23 Feb 2023 20:07:57 -0800
Subject: [PATCH] Update page.md

Script-Protect is under Settings -> Request... not Settings -> Application which was indicated
---
 .../04.locking-down-lucee-server/page.md                        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/04.guides/12.deploying-lucee-server-apps/04.locking-down-lucee-server/page.md b/docs/04.guides/12.deploying-lucee-server-apps/04.locking-down-lucee-server/page.md
index 41c7f3fbf..87fd88e5a 100644
--- a/docs/04.guides/12.deploying-lucee-server-apps/04.locking-down-lucee-server/page.md
+++ b/docs/04.guides/12.deploying-lucee-server-apps/04.locking-down-lucee-server/page.md
@@ -26,7 +26,7 @@ To change the Request Timeout value, log in to the Lucee server administrator an
 
 Lucee's built-in Script-Protect feature is designed to protect your site from cross-site scripting attacks. Script-Protect will automatically filter dangerous tags in incoming variable scopes like CGI, cookie, form, and URL scopes.
 
-To ensure Lucee's Script-Protect feature is enabled, log in to the Lucee server administrator and go to Settings -> Application -> Script-Protect and ensure it's set to "all".
+To ensure Lucee's Script-Protect feature is enabled, log in to the Lucee server administrator and go to Settings -> Request -> Script-Protect and ensure it's set to "all".
 
 Note: This setting does not provide comprehensive cross-site scripting prevention, additional steps must be taken in your custom source code to alleviate risk.