Support CIDR notation in IP rate limitersh-support-subnets-ip-rate-limiter

This will make it possible to whitelist multiple IP addresses
(e.g. 192.168.0.1/24).

1 files changed, 3 insertions, 2 deletions

diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md
index fa4b0d1fb09..8695b5d2194 100644
--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@@ -53,8 +53,9 @@ For more information on how to use these options check out
 The following settings can be configured:
 
 - `enabled`: By default this is set to `false`. Set this to `true` to enable Rack Attack.
-- `ip_whitelist`: Whitelist any IPs from being blocked. They must be formatted as strings within a ruby array.
-   For example, `["127.0.0.1", "127.0.0.2", "127.0.0.3"]`.
+- `ip_whitelist`: Whitelist any IPs from being blocked. They must be formatted as strings within a Ruby array.
+   CIDR notation is supported in GitLab v12.1 and up.
+   For example, `["127.0.0.1", "127.0.0.2", "127.0.0.3", "192.168.0.1/24"]`.
 - `maxretry`: The maximum amount of times a request can be made in the
    specified time.
 - `findtime`: The maximum amount of time that failed requests can count against an IP