diff --git a/htroot/Settings_ServerAccess.inc b/htroot/Settings_ServerAccess.inc
index 4950ac93d..314873437 100644
--- a/htroot/Settings_ServerAccess.inc
+++ b/htroot/Settings_ServerAccess.inc
@@ -3,9 +3,9 @@
 <fieldset><legend id="general">Server Access Settings</legend>
 <table border="0" cellspacing="5">
   <tr valign="top">
-    <td>IP-Number filter:</td>
-    <td><input name="serverfilter" type="text" size="32" maxlength="1000" value="#[serverfilter]#" /><br />(requires restart)</td>
-    <td><strong>Here you can restrict access to the server.</strong>  By default, the access is not limited,
+    <td><label for="serverfilter">IP-Number filter:</label></td>
+    <td><input name="serverfilter" id="serverfilter" aria-describedby="serverfilterInfo" type="text" size="32" maxlength="1000" value="#[serverfilter]#" /><br />(requires restart)</td>
+    <td id="serverfilterInfo"><strong>Here you can restrict access to the server.</strong>  By default, the access is not limited,
            because this function is needed to spawn the p2p index-sharing function.
            If you block access to your server (setting anything else than '*'), then you will also be blocked
            from using other peers' indexes for search service.
@@ -17,9 +17,9 @@
     </td>
   </tr>
   <tr valign="top">
-    <td>staticIP (optional):</td>
-    <td><input name="staticIP" type="text" size="32" maxlength="80" value="#[staticIP]#" /></td>
-    <td><strong>The staticIP can help that your peer can be reached by other peers in case that your
+    <td><label for="staticIP">staticIP (optional):</label></td>
+    <td><input name="staticIP" id="staticIP" aria-describedby="staticIPInfo" type="text" size="32" maxlength="80" value="#[staticIP]#" /></td>
+    <td id="staticIPInfo"><strong>The staticIP can help that your peer can be reached by other peers in case that your
            peer is behind a firewall or proxy.</strong> You can create a tunnel through the firewall/proxy
            (look out for 'tunneling through https proxy with connect command') and create
            an access point for incoming connections.
@@ -31,11 +31,11 @@
            you will not be able to access the server pages anymore.</td>
   </tr>
   <tr valign="top">
-    <td>fileHost:</td>
-    <td><input name="fileHost" type="text" size="32" maxlength="80" value="#[fileHost]#" /><br />(requires restart)</td>
-    <td><strong>Set this to avoid error-messages like 'proxy use not allowed / granted' on accessing your Peer by its hostname.</strong>
+    <td><label for="fileHost">fileHost:</label></td>
+    <td><input name="fileHost" id="fileHost" aria-describedby="fileHostInfo" type="text" size="32" maxlength="80" value="#[fileHost]#" /><br />(requires restart)</td>
+    <td id="fileHostInfo"><strong>Set this to avoid error-messages like 'proxy use not allowed / granted' on accessing your Peer by its hostname.</strong>
 			Virtual host for httpdFileServlet access for example http://FILEHOST/ shall access the file servlet and
-			return the defaultFile at rootPath either way, http://FILEHOST/ denotes the same as http://localhost:<port>/
+			return the defaultFile at rootPath either way, http://FILEHOST/ denotes the same as http://localhost:&lt;port&gt;/
 			for the preconfigured value 'localpeer', the URL is: http://localpeer/.</td>
   </tr>
   <tr valign="top">
@@ -47,19 +47,19 @@
 <fieldset><legend id="serverports">Server Port Settings</legend>
 <table border="0" cellspacing="5">
   <tr valign="top">
-    <td>Server port:</td>
-    <td><input name="port" type="text" size="7" maxlength="6" value="#[port]#" /></td>
-    <td>This is the main port for all http communication (default is 8090). A change requires a restart.</td>
+    <td><label for="port">Server port:</label></td>
+    <td><input name="port" id="port" aria-describedby="portInfo" type="text" size="7" maxlength="6" value="#[port]#" /></td>
+    <td id="portInfo">This is the main port for all http communication (default is 8090). A change requires a restart.</td>
   </tr>
   <tr valign="top">
-    <td>Server ssl port:</td>
-    <td><input name="port.ssl" type="text" size="7" maxlength="6" value="#[server.https_port.ssl]#" /></td>
-    <td>This is the port to connect via https (default is 8443). A change requires a restart.</td>
+    <td><label for="port.ssl">Server ssl port:</label></td>
+    <td><input name="port.ssl" id="port.ssl" aria-describedby="port.sslInfo" type="text" size="7" maxlength="6" value="#[server.https_port.ssl]#" /></td>
+    <td id="port.sslInfo">This is the port to connect via https (default is 8443). A change requires a restart.</td>
   </tr>
   <tr valign="top">
-    <td>Shutdown port:</td>
-    <td><input name="port.shutdown" type="text" size="7" maxlength="6" value="#[port.shutdown]#" /></td>
-    <td>This is the local port on the loopback address (127.0.0.1 or :1) to listen for a shutdown signal to stop the YaCy server (-1 disables the shutdown port, recommended default is 8005). A change requires a restart.</td>
+    <td><label for="port.shutdown">Shutdown port:</label></td>
+    <td><input name="port.shutdown" id="port.shutdown" aria-describedby="port.shutdownInfo" type="text" size="7" maxlength="6" value="#[port.shutdown]#" /></td>
+    <td id="port.shutdownInfo">This is the local port on the loopback address (127.0.0.1 or :1) to listen for a shutdown signal to stop the YaCy server (-1 disables the shutdown port, recommended default is 8005). A change requires a restart.</td>
   </tr>
   <tr valign="top">
     <td colspan="3"><input type="submit" name="serverports" class="btn btn-primary" value="Submit" /></td>