diff --git a/docs/developer/RELEASE.md b/docs/developer/RELEASE.md
index 19158ac5..5d699a02 100644
--- a/docs/developer/RELEASE.md
+++ b/docs/developer/RELEASE.md
@@ -150,8 +150,8 @@ The release is built on https://code.forgejo.org/forgejo-integration/runner, whi
 
 The release is published on
 https://forgejo.octopuce.forgejo.org/forgejo/runner, which is a mirror
-of https://code.forgejo.org/forgejo-integration/runner. It is behind a
-VPN and its role is to copy and sign release artifacts.
+of https://code.forgejo.org/forgejo-integration/runner. It has no public IP
+and its role is to copy and sign release artifacts.
 
 - Binaries are downloaded from https://code.forgejo.org/forgejo-integration/runner, signed and copied to https://code.forgejo.org/forgejo/runner.
 - Container images are copied from https://code.forgejo.org/forgejo-integration to https://code.forgejo.org/forgejo
@@ -169,7 +169,7 @@ providing the secrets from the command line.
 
 ### Securing the release token and cryptographic keys
 
-For both the Forgejo runner and Forgejo itself, copying and signing the release artifacts (container images and binaries) happen on a Forgejo isntance running [behind a VPN](../infrastructure/#octopuce) to safeguard the token that has write access to the Forgejo repository as well as the cryptographic key used to sign the releases.
+For both the Forgejo runner and Forgejo itself, copying and signing the release artifacts (container images and binaries) happen on a Forgejo instance [not publicly accessible](../infrastructure/#octopuce) to safeguard the token that has write access to the Forgejo repository as well as the cryptographic key used to sign the releases.
 
 ### Website update