kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Merge branch 'update-rack-attack-deprecation-note-in-docs' into 'master' 

Adds rack attack disabled by default notice to documentation

See merge request gitlab-org/gitlab-ce!20833
This commit is contained in:
Douwe Maan 2018-07-25 09:41:48 +00:00
parent cd03a8ad6f f0f285efc2
commit 9aa07a7ec2
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/security/rack_attack.md
View File

@ -9,6 +9,10 @@ In case you find throttling is not enough to protect you against abusive clients
Rack Attack offers IP whitelisting, blacklisting, Fail2ban style filtering and Rack Attack offers IP whitelisting, blacklisting, Fail2ban style filtering and
tracking. tracking.
**Note:** Starting with 11.2, Rack Attack is disabled by default. To continue
using this feature, please enable it in your `gitlab.rb` by setting
`gitlab_rails['rack_attack_git_basic_auth'] = true`.
By default, user sign-in, user sign-up (if enabled), and user password reset is By default, user sign-in, user sign-up (if enabled), and user password reset is
limited to 6 requests per minute. After trying for 6 times, the client will limited to 6 requests per minute. After trying for 6 times, the client will
have to wait for the next minute to be able to try again. have to wait for the next minute to be able to try again.