Apply suggestions from code review

RoRoJ · jcirinosclwy · web-flow · commit 2942b3013ebb · 2025-03-26T14:21:52.000+01:00
Co-authored-by: Jessica &lt;113192637+jcirinosclwy@users.noreply.github.com&gt;
diff --git a/pages/vpc/faq.mdx b/pages/vpc/faq.mdx
@@ -54,7 +54,7 @@ Yes, use the [Network ACL feature](/vpc/how-to/manage-nacl) to filter packets fl
 NACLs are currently in Public Beta, and configurable only via the [VPC API](https://www.scaleway.com/en/developers/api/vpc/) and developer tools. This feature will be coming soon to the Scaleway console.
 </Message>
 
-#"# How are NACLs different to security groups?
+## How are NACLs different from security groups?
 
 [Security groups](/instances/how-to/use-security-groups/) filter **public** traffic on your Instances, whereas NACLs filter traffic to/from Private Networks only.
 
diff --git a/pages/vpc/reference-content/understanding-nacls.mdx b/pages/vpc/reference-content/understanding-nacls.mdx
@@ -25,7 +25,7 @@ This document sets out general information and best practices about Scaleway VPC
 
 Every Scaleway VPC has a Network ACL. In its initial state, it contains no rules. Thanks to [managed routing](/vpc/reference-content/understanding-routing/), which automatically routes traffic between Private Networks, traffic is freely routed between the Private Networks of the VPC.
 
-When you start adding rules to your NACL, traffic flow is restricted between certain sources and destinations within the VPC, according to the rules you set. A default rule is added to the NACL, which dictates the action to take on traffic that does not match of the rules in the list: it can either be **allowed** or **denied**.
+When you start adding rules to your NACL, traffic flow is restricted between certain sources and destinations within the VPC, according to the rules you set. A default rule is added to the NACL, which dictates the action to take on traffic that does not match any rules in the list: it can either be **allowed** or **denied**.
 
 <Lightbox src="scaleway-nacl-diag-simple.webp" alt="A schema shows how the NACL sits at the intersection of two Private Networks in a Scaleway VPC" />
 
@@ -81,7 +81,7 @@ The table below shows an example of an NACL for IPv4 traffic:
 
 - An ICMP rule allows all ICMP traffic from/to all IPv4 addresses on all ports, effectively permitting all ping requests within the VPC to function.
 
-- A TCP rule allows PostgreSQL access on port 5432 from one Private Network (172.16.2.0.5/22) to another Private Network (172.16.8.0/22). An **inverse rule** also allows PostgreSQL access from Private Network B to A. TODO CHECK - TEST
+- A TCP rule allows PostgreSQL access on port 5432 from one Private Network (172.16.2.0.5/22) to another Private Network (172.16.8.0/22). An **inverse rule** also allows PostgreSQL access from Private Network B to A.
 
 - A TCP rule allows connections from all IPv4 sources to all IPv4 destinations on the port range `32768-65535`, effectively allowing all return (incoming) traffic towards ephemeral ports.
 
