diff --git a/Documentation/Filters/Database-Firewall-Filter.md b/Documentation/Filters/Database-Firewall-Filter.md
index 6929318fd..7126e74be 100644
--- a/Documentation/Filters/Database-Firewall-Filter.md
+++ b/Documentation/Filters/Database-Firewall-Filter.md
@@ -3,45 +3,7 @@
 Table of Contents
 =================
 
-* [Overview](#overview)
-* [Configuration](#configuration)
-   * [Filter Parameters](#filter-parameters)
-      * [rules](#rules)
-      * [action](#action)
-      * [log_match](#log_match)
-      * [log_no_match](#log_no_match)
-* [Rule syntax](#rule-syntax)
-   * [Mandatory rule parameters](#mandatory-rule-parameters)
-      * [wildcard](#wildcard)
-         * [Example](#example)
-      * [columns](#columns)
-         * [Example](#example-1)
-      * [function](#function)
-         * [Example](#example-2)
-      * [not_function](#not_function)
-      * [Example](#example-3)
-      * [uses_function](#uses_function)
-         * [Example](#example-4)
-      * [function and columns](#function-and-columns)
-         * [Example](#example-5)
-      * [not_function and columns](#not_function-and-columns)
-         * [Example](#example-6)
-      * [regex](#regex)
-         * [Example](#example-7)
-      * [limit_queries](#limit_queries)
-         * [Example](#example-8)
-      * [no_where_clause](#no_where_clause)
-         * [Example](#example-9)
-   * [Optional rule parameters](#optional-rule-parameters)
-      * [at_times](#at_times)
-      * [on_queries](#on_queries)
-   * [Applying rules to users](#applying-rules-to-users)
-* [Module commands](#module-commands)
-   * [dbfwfilter::rules/reload [FILE]](#dbfwfilterrulesreload-file)
-   * [dbfwfilter::rules](#dbfwfilterrules)
-* [Use Cases](#use-cases)
-   * [Use Case 1 - Prevent rapid execution of specific queries](#use-case-1---prevent-rapid-execution-of-specific-queries)
-   * [Use Case 2 - Only allow deletes with a where clause](#use-case-2---only-allow-deletes-with-a-where-clause)
+[TOC]
 
 ## Overview
 
@@ -51,6 +13,10 @@ database instances or to limit access to the database based on a more flexible
 set of rules compared to the traditional GRANT-based privilege system. Currently
 the filter does not support multi-statements.
 
+Note that the firewall filter should be viewed as a best-effort solution
+intended for protecting against accidental misuse rather than malicious
+attacks.
+
 ## Configuration
 
 The Database Firewall filter only requires minimal configuration in the
diff --git a/Documentation/Filters/Masking.md b/Documentation/Filters/Masking.md
index dbeb2dbaf..ad13c72f7 100644
--- a/Documentation/Filters/Masking.md
+++ b/Documentation/Filters/Masking.md
@@ -41,6 +41,10 @@ the _ssn_ would be masked, as in
 ...
 ```
 
+Note that the masking filter should be viewed as a best-effort solution
+intended for protecting against accidental misuse rather than malicious
+attacks.
+
 ## Security
 
 From MaxScale 2.3 onwards, the masking filter will reject statements