mirror of https://github.com/Mailu/Mailu.git synced 2025-03-03 14:52:36 +02:00

nginx behind proxy: attackers are not only men

Didier 'OdyX' Raboud 2023-03-27 22:37:09 +02:00
parent 3877635502
commit c833ef1a47
No known key found for this signature in database
GPG Key ID: EA830BC6A684CD7C


@ -247,7 +247,7 @@ controls whether HTTP headers such as ``X-Forwarded-For`` or ``X-Real-IP`` shoul
The former should be the name of the HTTP header to extract the client IP address from and the
later a comma separated list of IP addresses designating which proxies to trust.
If you are using Mailu behind a reverse proxy, you should set both. Setting the former without
the latter introduces a security vulnerability allowing a potential attacker to spoof his source address.
the latter introduces a security vulnerability allowing a potential attacker to spoof their source address.
The ``TZ`` sets the timezone Mailu will use. The timezone naming convention usually uses a ``Region/City`` format. See `TZ database name`_ for a list of valid timezones This defaults to ``Etc/UTC``. Warning: if you are observing different timestamps in your log files you should change your hosts timezone to UTC instead of changing TZ to your local timezone. Using UTC allows easy log correlation with remote MTAs.
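Review bot: The context line directly above the changed sentence still reads "later a comma separated list", which should be "latter", since the paragraph then refers to "the former" and "the latter"; it is worth fixing in the same pass. The TZ paragraph below is also missing a period in "a list of valid timezones This defaults to". Neither is introduced by this change, but both sit next to the line it touches.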
@ -265,7 +265,7 @@ It can be set to:
This requires to have a valid ``REAL_IP_FROM`` (default: unset). Setting ``PROXY_PROTOCOL`` without setting
``REAL_IP_FROM`` *will not work*. Make sure to set a ``REAL_IP_FROM`` only pointing to IP addresses or networks
that you trust; accepting the ``PROXY`` protocol from untrusted sources is a serious security vulnerability,
allowing a potential attacker to spoof his source address.
allowing a potential attacker to spoof their source address.
Antivirus settings
------------------
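Review bot: The paragraph containing the changed line still opens with "This requires to have a valid ``REAL_IP_FROM``", which reads awkwardly; "This requires a valid ``REAL_IP_FROM``" would be cleaner. The spoofing warning here now repeats the one in the earlier paragraph almost word for word, so consider a cross-reference between the two so that future wording changes only need to be made once.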