-rw-r--r-- | config/application.rb | 3 | ||||
-rw-r--r-- | config/initializers/rack_attack.rb | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb
index 8ac07ef337a..6ddc87010b3 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -77,5 +77,8 @@ module Gitlab
 # 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT']
 #
 # config.relative_url_root = "/gitlab"
+
+ # Enable rack attack middleware
+ config.middleware.use Rack::Attack
 end
 end
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
new file mode 100644
index 00000000000..88e638ba118
--- /dev/null
+++ b/config/initializers/rack_attack.rb
@@ -0,0 +1,3 @@
+Rack::Attack.throttle('user logins, registration and password reset', limit: 6, period: 60.seconds) do |req|
+ req.ip if ["/users/password", "/users/sign_in", "/users"].include?(req.path) && req.post?
+end |
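Review bot: `config.middleware.use Rack::Attack` in config/application.rb is added unconditionally, so the throttle is also active in the test and development environments; a suite that posts to the sign-in path more than six times a minute from one address would presumably start receiving throttled responses. Consider guarding it, e.g. `config.middleware.use Rack::Attack unless Rails.env.test?`, or clearing the counters between tests. Rack::Attack keeps its counters in a cache store (Rails.cache by default), so it is worth confirming that the store is shared by all worker processes; with a per-process store each worker would enforce its own limit of 6. The enclosing application class starts outside the hunk.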
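Review bot: The throttle block in config/initializers/rack_attack.rb counts a request only when `req.path` is exactly one of the three strings, so the same routes served under a configured `relative_url_root` (the `/gitlab` example in config/application.rb), or requested with a format suffix or trailing slash, would presumably not be counted at all. Normalise the path before comparing: strip the relative root, then match with an anchored pattern such as `%r{\A/users(/sign_in|/password)?(\.\w+)?/?\z}` instead of `include?`. The discriminator is `req.ip` alone; behind a reverse proxy that value depends on how forwarded headers are handled, so confirm it resolves to the real client address and not the proxy's, otherwise every user shares one bucket of 6 per minute. A short comment stating why 6 per 60 seconds was chosen, and that the three endpoints share a single counter, would help the next maintainer.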