summaryrefslogtreecommitdiff
path: root/doc/security/rate_limits.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/security/rate_limits.md')
-rw-r--r--doc/security/rate_limits.md15
1 files changed, 8 insertions, 7 deletions
diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md
index 14fc526ca7e..a9b066631e7 100644
--- a/doc/security/rate_limits.md
+++ b/doc/security/rate_limits.md
@@ -1,6 +1,6 @@
---
stage: Manage
-group: Authentication & Authorization
+group: Authentication and Authorization
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
type: reference, howto
---
@@ -41,6 +41,7 @@ You can set these rate limits in the Admin Area of your instance:
- [Git LFS rate limits](../user/admin_area/settings/git_lfs_rate_limits.md)
- [Files API rate limits](../user/admin_area/settings/files_api_rate_limits.md)
- [Deprecated API rate limits](../user/admin_area/settings/deprecated_api_rate_limits.md)
+- [GitLab Pages rate limits](../administration/pages/index.md#rate-limits)
You can set these rate limits using the Rails console:
@@ -89,7 +90,7 @@ The **rate limit** is 5 requests per minute per user.
### Users sign up
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77835) in GitLab 14.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/339151) in GitLab 14.7.
There is a rate limit per IP address on the `/users/sign_up` endpoint. This is to mitigate attempts to misuse the endpoint. For example, to mass
discover usernames or email addresses in use.
@@ -98,19 +99,19 @@ The **rate limit** is 20 calls per minute per IP address.
### Update username
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77221) in GitLab 14.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/339152) in GitLab 14.7.
-There is a rate limit on the update username action. This is enforced to mitigate misuse of the feature. For example, to mass discover
+There is a rate limit on how frequently a username can be changed. This is enforced to mitigate misuse of the feature. For example, to mass discover
which usernames are in use.
The **rate limit** is 10 calls per minute per signed-in user.
### Username exists
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77119) in GitLab 14.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29040) in GitLab 14.7.
-There is a rate limit for the internal endpoint `/users/:username/exists`, used by registration to perform a client-side validation for
-uniqueness of the chosen username. This is to mitigate the risk of misuses, such as mass discovery of usernames in use.
+There is a rate limit for the internal endpoint `/users/:username/exists`, used upon sign up to check if a chosen username has already been taken.
+This is to mitigate the risk of misuses, such as mass discovery of usernames in use.
The **rate limit** is 20 calls per minute per IP address.
View Lorry Controller Status