diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-13 18:09:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-13 18:09:39 +0000 |
commit | 00fa950a34b1c94617110b150b8b2517d5241249 (patch) | |
tree | 8f2d8683879079da8f520f7867ebd49b8beaadef /doc/user/clusters | |
parent | c36152ff8c41fad2f413f253eb7ac5c927e47c56 (diff) | |
download | gitlab-ce-00fa950a34b1c94617110b150b8b2517d5241249.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/clusters')
-rw-r--r-- | doc/user/clusters/applications.md | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md index 900ba62d40d..192941ff6e1 100644 --- a/doc/user/clusters/applications.md +++ b/doc/user/clusters/applications.md @@ -279,21 +279,23 @@ This feature: kubectl logs -n gitlab-managed-apps $(kubectl get pod -n gitlab-managed-apps -l app=nginx-ingress,component=controller --no-headers=true -o custom-columns=:metadata.name) modsecurity-log -f ``` -To enable ModSecurity, check the **Enable Web Application Firewall** checkbox -when installing your [Ingress application](#ingress). +To enable WAF, switch its respective toggle to the enabled position when installing or updating [Ingress application](#ingress). If this is your first time using GitLab's WAF, we recommend you follow the [quick start guide](../../topics/web_application_firewall/quick_start_guide.md). There is a small performance overhead by enabling ModSecurity. If this is considered significant for your application, you can disable ModSecurity's -rule engine for your deployed application by setting -[the deployment variable](../../topics/autodevops/index.md) +rule engine for your deployed application in any of the following ways: + +1. Setting [the deployment variable](../../topics/autodevops/index.md) `AUTO_DEVOPS_MODSECURITY_SEC_RULE_ENGINE` to `Off`. This will prevent ModSecurity from processing any requests for the given application or environment. -To permanently disable it, you must [uninstall](#uninstalling-applications) and -reinstall your Ingress application for the changes to take effect. +1. Switching its respective toggle to the disabled position and applying changes through the **Save changes** button. This will reinstall +Ingress with the recent changes. + +![Disabling WAF](../../topics/web_application_firewall/img/guide_waf_ingress_save_changes_v12_9.png) ### JupyterHub |