author: Michael Kozono <mkozono@gmail.com> 2019-07-29 10:42:22 -0700
committer: Michael Kozono <mkozono@gmail.com> 2019-07-29 10:42:52 -0700
commit: ef6e325d03f41a0db0487998022a89af3e242d39
tree: 4ed606ca2012d5909a0e50c24daf89db473655bf
parent: 098bc641a608f26eb0a5f82c487e5bdea4ca5afe
Add Rate Limits description
-rw-r--r-- doc/security/rate_limits.md 14
1 files changed, 13 insertions, 1 deletions
diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md
index 54fba12483e..7feef434160 100644
--- a/doc/security/rate_limits.md
+++ b/doc/security/rate_limits.md
@@ -5,9 +5,21 @@ type: reference, howto
# Rate limits
NOTE: **Note:**
-For GitLab.com, please see
+For GitLab.com, please see
[GitLab.com-specific rate limits](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits).
+Rate limiting is a common technique used to improve the security and durability
+of a web application.
+
+For example, a simple script can make thousands of web requests per second.
+Whether malicious, apathetic, or just a bug, your application and infrastructure
+may not be able to cope with the load (see
+[Denial-of-service attack](https://en.wikipedia.org/wiki/Denial-of-service_attack)).
+Most cases can be mitigated by limiting the rate of requests from a single IP.
+
+Most [Brute-force attacks](https://en.wikipedia.org/wiki/Brute-force_attack) are
+similarly mitigated by a rate limit.
+
## Admin Area settings
See
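Review bot: The added sentence "Most cases can be mitigated by limiting the rate of requests from a single IP" and the following "Most Brute-force attacks are similarly mitigated by a rate limit" overstate what a per-IP limit covers. Requests spread across many source addresses stay under a per-IP threshold, and many legitimate users behind one NAT or proxy share a single address and can be throttled together. Suggest softening both to "many" and adding a sentence that per-IP limits are one layer, alongside per-user or per-account limits for authentication endpoints. Two wording points in the same paragraphs: "durability" reads as data durability, where "availability" or "reliability" seems to be meant, and "apathetic" would be clearer as "careless" or "unintentional".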