summaryrefslogtreecommitdiff
path: root/doc/security
Commit message (Collapse)AuthorAgeFilesLines
* Docs: add details about restricted SSH keysTristan Williams2019-02-222-0/+8
|
* Docs: Misc small fixes to docsMarcel Amirault2019-02-121-0/+1
|
* Fix most instances of bare URLs in markdownEvan Read2019-01-241-2/+2
|
* Merge branch 'patch-31' into 'master'Rémy Coutable2019-01-141-1/+1
|\ | | | | | | | | GitLab 11.4.3 "Outbound requests" setting path See merge request gitlab-org/gitlab-ce!22898
| * GitLab 11.4.3 "Outbound requests" setting pathThunk2018-11-081-1/+1
| |
* | Make unordered lists conform to styleguidedocs/fix-unordered-list-styleEvan Read2019-01-081-5/+5
| | | | | | | | - Also makes other minor Markdown fixes that were near the main fixes.
* | Update doc/security/rack-attack.mdMatt Rice2018-12-111-2/+1
| |
* | fix: update the link to the new address.Salman Mohammadi2018-12-041-1/+1
| | | | | | this change eliminates the need to redirect the page.
* | Precisions about the times specified in gitlab.rb for Rack AttackIllan RUL-DA CUNHA2018-11-201-6/+6
| |
* | Resolve Markdown ordered lists not conforming to styleguidedocs/fix-ordered-list-item-prefixEvan Read2018-11-132-11/+11
|/
* Correct Gitlab to GitLab in docsMarcel Amirault2018-09-251-1/+1
|
* Correct grammar (setup to set-up) in DocsMarcel Amirault2018-09-211-1/+1
|
* Fix minor error in doc/security/user_email_confirmation.mdYannick Binnenweg2018-08-291-1/+1
| | | | | | | Originally submitted at https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3190. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Add instructions to unlock an accountAaron2018-08-293-1/+33
| | | | | | | Originally submitted at https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/6578. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Compress all PNG images under doc/Achilleas Pipinellis2018-08-274-0/+0
| | | | | | | | | | The pngquant tool was used https://pngquant.org, and particularly, the following command: /usr/bin/pngquant -f --skip-if-larger --ext .png --speed 1 image.png Before: 47584K After : 34924K
* Merge branch 'update-rack-attack-deprecation-note-in-docs' into 'master'Douwe Maan2018-07-251-0/+4
|\ | | | | | | | | Adds rack attack disabled by default notice to documentation See merge request gitlab-org/gitlab-ce!20833
| * Adds rack attack disabled by default notice to documentationupdate-rack-attack-deprecation-note-in-docsTiago Botelho2018-07-251-0/+4
| |
* | Fix Rack Attack documentation to reflect the feature being disabled by defaultTiago Botelho2018-07-251-3/+3
|/
* docMark Chao2018-06-062-2/+2
|
* Improve documentation of SSRF protectionFrancisco Javier López2018-04-242-3/+10
|
* Update rack attack docsCindy Pallares 🦉2018-01-231-13/+123
|
* Exclude comments from specific docsAchilleas Pipinellis2017-11-011-0/+4
|
* More review commentsNick Thomas2017-08-301-0/+0
|
* Address review commentsNick Thomas2017-08-302-4/+5
|
* Rework the permissions model for SSH key restrictionsNick Thomas2017-08-301-0/+0
| | | | | | | | | | | | | | | `allowed_key_types` is removed and the `minimum_<type>_bits` fields are renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies that the key type is disabled. This also feeds through to the UI - checkboxes per key type are out, inline selection of "forbidden" and "allowed" (i.e., no restrictions) are in. As with the previous model, unknown key types are disallowed, even if the underlying ssh daemon happens to support them. The defaults have also been changed from the lowest known bit size to "no restriction". So if someone does happen to have a 768-bit RSA key, it will continue to work on upgrade, at least until the administrator restricts them.
* Add settings for minimum key strength and allowed key typeNick Thomas2017-08-303-0/+19
| | | | | | | | This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712
* Support 2FA requirement per-groupMarkus Koller2017-04-062-1/+16
|
* Move webhooks to new a location under IntegrationsAchilleas Pipinellis2017-02-031-2/+2
|
* Reduce size of images from 25MB to 13MB using pngquantAchilleas Pipinellis2016-11-221-0/+0
| | | | | | Took it from https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/3232 [ci skip]
* optimize png images losslessly using zopflipngPeter Dave Hello2016-06-291-0/+0
|
* Change landing page when skipping confirmation email and add documentationFelipe Artur2016-05-162-0/+8
|
* Use relative links in `doc`, fix broken generated HTML linksAnatoly Borodin2016-03-171-1/+1
| | | | | | | | | | | | | | | | | Links like (doc/web_hooks/web_hooks.md) work in the GitLab source code web interface, but the HTML generator produces broken links in the `doc` subdirectories: http://doc.gitlab.com/ce/hooks/doc/web_hooks/web_hooks.html instead of the right one http://doc.gitlab.com/ce/web_hooks/web_hooks.html in http://doc.gitlab.com/ce/hooks/custom_hooks.html. Fixes #14338 [ci skip] Signed-off-by: Anatoly Borodin <anatoly.borodin@gmail.com>
* web hooks to webhooksashleys2016-03-102-7/+7
|
* Make "Two-factor" casing consistent throughout the applicationrs-two-factor-casingRobert Speicher2016-01-311-1/+1
|
* Add image to 2fa security documentationAchilleas Pipinellis2016-01-222-4/+11
| | | | [ci skip]
* Clean up CRIME security doc [ci skip]Achilleas Pipinellis2015-12-251-37/+41
|
* Merge branch 'master' into adding_crime_securityAchilleas Pipinellis2015-12-252-0/+39
|\
| * Fixed codestyle and added 2FA documentationfeature/force-tfaGabriel Mazetto2015-12-242-0/+39
| |
* | Adding how we manage CRIME vulnerability to security docs [ci skip]adding_crime_securityJose Torres2015-12-192-0/+60
|/
* Document file upload random uuid securityDrew Blessing2015-12-102-1/+13
|
* make it more obvious what happens in the codeJob van der Voort2015-05-081-4/+4
|
* remove redundant colonJob van der Voort2015-05-081-1/+1
|
* Deleted > and commented "or" outKaren Carias2015-05-071-5/+9
|
* Added link to root password doc correctlyKaren Carias2015-05-071-0/+1
|
* New file to add to security documentation, "How to reset your root password"Karen Carias2015-04-281-0/+36
|
* Add doc on "Web Hooks and insecure internal web services".Douwe Maan2015-02-072-0/+14
|
* Fix a number of discovered typos, capitalization of developer andEwan Edwards2015-02-031-1/+1
| | | | product names, plus a couple of instances of bad Markdown markup.
* Add explanation about unintentional sharing.Sytse Sijbrandij2014-09-181-0/+1
|
* Add information on information exclusivity.Sytse Sijbrandij2014-09-182-0/+9
|
* Update docs to markdown style guide.Ciro Santilli2014-06-033-10/+17
|
View Lorry Controller Status