summaryrefslogtreecommitdiff
path: root/doc/security
diff options
context:
space:
mode:
authorIllan RUL-DA CUNHA <illan.ruldacunha@gmail.com>2018-11-20 16:44:15 +0000
committerIllan RUL-DA CUNHA <illan.ruldacunha@gmail.com>2018-11-20 16:44:15 +0000
commit3dbf83fe46ad1a99d68149b943dc2500aef655cb (patch)
tree5f0a7ae3b624a5078f0c8033c25efcb59144fbcf /doc/security
parentd179ffc25ceb7ffd9bf241494c03a8d90a0aab58 (diff)
downloadgitlab-ce-3dbf83fe46ad1a99d68149b943dc2500aef655cb.tar.gz
Precisions about the times specified in gitlab.rb for Rack Attack
Diffstat (limited to 'doc/security')
-rw-r--r--doc/security/rack_attack.md12
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md
index 07e7b3da13b..dcdc9f42c22 100644
--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@@ -35,9 +35,9 @@ For more information on how to use these options check out
gitlab_rails['rack_attack_git_basic_auth'] = {
'enabled' => true,
'ip_whitelist' => ["127.0.0.1"],
- 'maxretry' => 10,
- 'findtime' => 60,
- 'bantime' => 3600
+ 'maxretry' => 10, # Limit the number of Git HTTP authentication attempts per IP
+ 'findtime' => 60, # Reset the auth attempt counter per IP after 60 seconds
+ 'bantime' => 3600 # Ban an IP for one hour (3600s) after too many auth attempts
}
```
@@ -55,9 +55,9 @@ The following settings can be configured:
- `maxretry`: The maximum amount of times a request can be made in the
specified time.
- `findtime`: The maximum amount of time failed requests can count against an IP
- before it's blacklisted.
-- `bantime`: The total amount of time that a blacklisted IP will be blocked in
- seconds.
+ before it's blacklisted (in seconds).
+- `bantime`: The total amount of time that a blacklisted IP will be blocked (in
+ seconds).
**Installations from source**