Fix Rack Attack documentation to reflect the feature being disabled by default

2018-01-25 12:34:57 +00:00 · 2018-01-25 12:34:57 +00:00 · 54b38529be
parent 0fd901bddd
commit 54b38529be
1 changed files with 3 additions and 3 deletions
--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@ -14,8 +14,8 @@ limited to 6 requests per minute. After trying for 6 times, the client will
 have to wait for the next minute to be able to try again.

 If you installed or upgraded GitLab by following the [official guides](../install/README.md)
-this should be enabled by default. If your instance is not exposed to any incoming
-connections, it is recommended to disable Rack Attack.
+this should be disabled by default. If your instance is not exposed to any incoming
+connections, it is recommended to leave Rack Attack disabled.

 For more information on how to use these options check out
 [rack-attack README](https://github.com/kickstarter/rack-attack/blob/master/README.md).
@ -45,7 +45,7 @@ For more information on how to use these options check out

 The following settings can be configured:

- `enabled`: By default this is set to `true`. Set this to `false` to disable Rack Attack.
+- `enabled`: By default this is set to `false`. Set this to `true` to enable Rack Attack.
 - `ip_whitelist`: Whitelist any IPs from being blocked. They must be formatted as strings within a ruby array.
   For example, `["127.0.0.1", "127.0.0.2", "127.0.0.3"]`.
 - `maxretry`: The maximum amount of times a request can be made in the