diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/headers.adoc
similarity index 99%
rename from docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc
rename to docs/manual/src/docs/asciidoc/_includes/reactive/exploits/headers.adoc
index a26b5221ea..acea0e6982 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/headers.adoc
@@ -1,9 +1,8 @@
-
 [[webflux-headers]]
- Security HTTP Response Headers
+= Security HTTP Response Headers
 This section discusses Spring Security's support for adding various security headers to the response of WebFlux.
 
-= Default Security Headers
+== Default Security Headers
 Spring Security allows users to easily inject the default security headers to assist in protecting their application.
 The default for Spring Security is to include the following headers:
 
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/index.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/index.adoc
new file mode 100644
index 0000000000..55b683dfa3
--- /dev/null
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/index.adoc
@@ -0,0 +1,5 @@
+= Protection Against Exploits
+
+include::headers.adoc[leveloffset=+1]
+
+include::redirect-https.adoc[leveloffset=+1]
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/redirect-https.adoc
similarity index 100%
rename from docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc
rename to docs/manual/src/docs/asciidoc/_includes/reactive/exploits/redirect-https.adoc
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/index.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/index.adoc
index 0be95b4201..ee81246bf6 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/index.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/index.adoc
@@ -2,9 +2,7 @@
 
 include::webflux.adoc[leveloffset=+1]
 
-include::headers.adoc[leveloffset=+1]
-
-include::redirect-https.adoc[leveloffset=+1]
+include::exploits/index.adoc[leveloffset=+1]
 
 include::oauth2/index.adoc[leveloffset=+1]