Add manifest instructions

Author: jjngx

site/content/configuration/security.md

@@ -41,7 +41,7 @@ NGINX Ingress Controller is designed to be resilient against attacks in various
 
 This is not enabled by default, but can be enabled with **Helm** using the [**controller.readOnlyRootFilesystem**]({{< relref "installation/installing-nic/installation-with-helm.md#configuration" >}}) argument, and in security contexts in both: `waf_enforcer` [**controller.appprotect.enforcer.securityContext{}**]({{ < relref "installation/installing-nic/installation-with-helm.md#configuration" >}}) and `waf_config_mgr` [**controller.appprotect.configManager.securityContext{}**]({{ < relref "installation/installing-nic/installation-with-helm.md#configuration" >}}).
 
-For **Manifests**, uncomment the following sections of the deployment:
+For **Manifests**, uncomment the following sections of the deployment and add sections for `waf_enforcer` and `waf_config_mgr` containers:
 
 - `readOnlyRootFilesystem: true`
 - The entire **volumeMounts** section
@@ -77,7 +77,6 @@ The block below shows the code you will look for:
 #          name: nginx-log
 ```
 
-
 ### Prometheus
 
 If Prometheus metrics are [enabled]({{< relref "/logging-and-monitoring/prometheus.md" >}}), we recommend [using HTTPS]({{< relref "configuration/global-configuration/command-line-arguments.md#cmdoption-prometheus-tls-secret" >}}).