summaryrefslogtreecommitdiff
path: root/doc/security
diff options
context:
space:
mode:
authorRémy Coutable <remy@rymai.me>2019-01-14 17:24:11 +0000
committerRémy Coutable <remy@rymai.me>2019-01-14 17:24:11 +0000
commit787d9c47e7f1c33562aa2edeef322970396039f3 (patch)
tree99301c160708270ba19790384c4ccabdef95ff30 /doc/security
parent8285205815ccdb25238fcae1c1e91063a46f19b0 (diff)
parent744759e40444fcb83b2612dcf8d6ad1c8743a5f0 (diff)
downloadgitlab-ce-787d9c47e7f1c33562aa2edeef322970396039f3.tar.gz
Merge branch 'patch-31' into 'master'
GitLab 11.4.3 "Outbound requests" setting path See merge request gitlab-org/gitlab-ce!22898
Diffstat (limited to 'doc/security')
-rw-r--r--doc/security/webhooks.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/security/webhooks.md b/doc/security/webhooks.md
index b17b0a4bc4a..fb2b6768f0a 100644
--- a/doc/security/webhooks.md
+++ b/doc/security/webhooks.md
@@ -12,7 +12,7 @@ If a web service does not require authentication, Webhooks can be used to trigge
To prevent this type of exploitation from happening, starting with GitLab 10.6, all Webhook requests to the current GitLab instance server address and/or in a private network will be forbidden by default. That means that all requests made to 127.0.0.1, ::1 and 0.0.0.0, as well as IPv4 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 and IPv6 site-local (ffc0::/10) addresses won't be allowed.
-This behavior can be overridden by enabling the option *"Allow requests to the local network from hooks and services"* in the *"Outbound requests"* section inside the Admin area under **Settings** (`/admin/application_settings`):
+This behavior can be overridden by enabling the option *"Allow requests to the local network from hooks and services"* in the *"Outbound requests"* section inside the Admin area under **Settings** (`/admin/application_settings/network`):
![Outbound requests admin settings](img/outbound_requests_section.png)