Update README.md

README.md

@@ -10,20 +10,19 @@ MyVesta Control Panel
 Features
 ==================================================
 
-1) Apache is on mpm_event by default, PHP is running in PHP-FPM
+> + Apache is on mpm_event by default, PHP is running in PHP-FPM
 
-2) You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+> + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+> After installation just execute:
+> ```
+> echo "<?php \$login_url='MY-SECRET-URL';" > /usr/local/vesta/web/inc/login_url.php
+> ```
+> Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
+> You can see how mechanism was built by looking at:
+>   + https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
+>   + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
 
-After installation just execute:
-```
-echo "<?php \$login_url='MY-SECRET-URL';" > /usr/local/vesta/web/inc/login_url.php
-```
-Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
-You can see how mechanism was built by looking at:
-- https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
-- https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
-
-3) We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
+> + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
 About VestaCP
 ==================================================