diff options
| author | Ciro Santilli <ciro.santilli@gmail.com> | 2014-04-25 00:48:22 +0200 |
|---|---|---|
| committer | Ciro Santilli <ciro.santilli@gmail.com> | 2014-06-03 23:16:31 +0200 |
| commit | fd348de76d651d49acc8eb742cc647dc777ef5fc (patch) | |
| tree | 26f42bef57c9a636eff0a548a29cb1e2e6d12c8c /doc/security/rack_attack.md | |
| parent | de1a7aa7eb523cf2fdad12f8eeda2ba4c5b51820 (diff) | |
| download | gitlab-ce-fd348de76d651d49acc8eb742cc647dc777ef5fc.tar.gz | |
Update docs to markdown style guide.
Diffstat (limited to 'doc/security/rack_attack.md')
| -rw-r--r-- | doc/security/rack_attack.md | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md index 9e863bbd190..92066997be8 100644 --- a/doc/security/rack_attack.md +++ b/doc/security/rack_attack.md @@ -1,18 +1,22 @@ # Rack attack To prevent abusive clients doing damage GitLab uses rack-attack gem. + If you installed or upgraded GitLab by following the official guides this should be enabled by default. + If you are missing `config/initializers/rack_attack.rb` the following steps need to be taken in order to enable protection for your GitLab instance: -1. In config/application.rb find and uncomment the following line: - config.middleware.use Rack::Attack -2. Rename config/initializers/rack_attack.rb.example to config/initializers/rack_attack.rb -3. Review the paths_to_be_protected and add any other path you need protecting -4. Restart GitLab instance +1. In config/application.rb find and uncomment the following line: + + config.middleware.use Rack::Attack + +1. Rename `config/initializers/rack_attack.rb.example` to `config/initializers/rack_attack.rb`. + +1. Review the `paths_to_be_protected` and add any other path you need protecting. + +1. Restart GitLab instance. -By default, user sign-in, user sign-up(if enabled) and user password reset is limited to 6 requests per minute. -After trying for 6 times, client will have to wait for the next minute to be able to try again. -These settings can be found in `config/initializers/rack_attack.rb` +By default, user sign-in, user sign-up(if enabled) and user password reset is limited to 6 requests per minute. After trying for 6 times, client will have to wait for the next minute to be able to try again. These settings can be found in `config/initializers/rack_attack.rb` If you want more restrictive/relaxed throttle rule change the `limit` or `period` values. For example, more relaxed throttle rule will be if you set limit: 3 and period: 1.second(this will allow 3 requests per second). You can also add other paths to the protected list by adding to `paths_to_be_protected` variable. If you change any of these settings do not forget to restart your GitLab instance. |