summaryrefslogtreecommitdiff
path: root/doc/security
Commit message (Collapse)AuthorAgeFilesLines
* Improve readability of salting descriptiondocs-password-storageChristiaan Conover2019-08-221-1/+1
| | | | | Add a comma in the final sentence of the description of salting, to improve the readability of what's being said.
* Fix a typo in the section on stretchingChristiaan Conover2019-08-221-2/+2
| | | | Correct a typo in the description of how passwords are stretched.
* Fix link syntax typoChristiaan Conover2019-08-211-1/+1
| | | | | Fix a missing parentheses in the markdown for a link caused by the URL containing parentheses.
* Document how GitLab stores passwordsChristiaan Conover2019-08-212-0/+14
| | | | | | Provide details on how GitLab stores passwords, including hashing, stretching, and salting. This was driven by a customer asking for this information for a security compliance audit report.
* Add docs for rate limiter on raw endpointsMayra Cabrera2019-08-161-2/+3
| | | | | | | The section was included on security/raw_limits and on the admin area settings. Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
* Add docs for local requests whitelistReuben Pereira2019-08-082-0/+30
| | | | | - Add documentation under security/webhooks since similar docs are present there.
* Compress images with pngquantAchilleas Pipinellis2019-08-071-0/+0
|
* Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65499Russell Dickenson2019-08-071-13/+13
|
* Refactor SystemHookUrlValidator and specsGeorge Koltsov2019-08-023-4/+5
| | | | | | Simplify SystemHookUrlValidator to inherit from PublicUrlValidator Refactor specs to move out shared examples to be used in both system hooks and public url validators.
* Update security/webhooks.md doc page & specsGeorge Koltsov2019-08-022-4/+4
| | | | | | Updating security/webhooks.md to match new behaviour as well as drying up few specs to extract shared examples
* Add rate limit docsMichael Kozono2019-08-023-12/+99
|
* Update root default email address to current value64768-update-email-address-on-how-to-reset-your-root-password-docsastrachan2019-07-191-1/+1
|
* Clean-up some confusing info from security docsAchilleas Pipinellis2019-07-1610-29/+56
|
* Fix whitespace in user, and misc, docsMarcel Amirault2019-07-151-38/+38
| | | | | | | | | | Many code blocks are 4spaced, and they render in GitLab without coloring as a result, even though they are fenced with a language label. If in a list, other items woll render as being in a code block too, even if not meant to. This fixes all these issues, and cleans up minor whitespace issues in /user, /security, /ssh and /migrate_ci_to_ce docs.
* Remove extra blank lines from docsMarcel Amirault2019-07-151-1/+1
| | | | | | Removing extra blank lines in docs that serve no purpose, as well as some --- lines that also are not needed.
* Remove trailing whitespace in docsMarcel Amirault2019-07-152-4/+4
| | | | | Remove unneeded trailing whitespace in lines in /security /workflow /user docs
* Support CIDR notation in IP rate limitersh-support-subnets-ip-rate-limiterStan Hu2019-06-271-2/+3
| | | | | This will make it possible to whitelist multiple IP addresses (e.g. 192.168.0.1/24).
* refactor: apply "require 2FA" to all subgroup and ancestor group members, ↵Roger Meier2019-06-131-2/+20
| | | | when changing
* Update links in information_exclusivity.md61510-review-and-update-the-security-doc-pages-to-adhere-to-ssot-standards-docsMike Lewis2019-06-091-2/+2
|
* Corrected links to use absolute path namesMatt Penna2019-06-071-2/+3
|
* Added links to pertinent GitLab docsMatt Penna2019-06-071-2/+3
| | | | Clarified who can push to a protected branch
* Apply suggestion to doc/security/webhooks.mdMatt Penna2019-06-071-2/+2
|
* Apply suggestion to doc/security/rack_attack.mdMatt Penna2019-06-071-1/+1
|
* Updated security docsMatt Penna2019-06-071-1/+1
| | | | | | | | | | | | Changes include: - Added front matter - Added Troubleshooting header - Shorted long lines - Corrected typos and improved clarity throughout
* Various edits to security documentationMatt Penna2019-06-0711-51/+233
| | | | Edits to conform with CE epic 1280 SSOT standards, other improvements
* Add type to frontmatterAchilleas Pipinellis2019-06-074-4/+17
|
* Clarify and improve 2FA configuration informationEvan Read2019-06-053-19/+16
|
* Changes RackAttack logger to use structured logsMayra Cabrera2019-05-241-1/+1
| | | | | | | | Creates a new filename to register auth logs. This change should allow SRE's queries to make better queries through logging infrastructure. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54528
* Docs: add details about restricted SSH keysTristan Williams2019-02-222-0/+8
|
* Docs: Misc small fixes to docsMarcel Amirault2019-02-121-0/+1
|
* Fix most instances of bare URLs in markdownEvan Read2019-01-241-2/+2
|
* Merge branch 'patch-31' into 'master'Rémy Coutable2019-01-141-1/+1
|\ | | | | | | | | GitLab 11.4.3 "Outbound requests" setting path See merge request gitlab-org/gitlab-ce!22898
| * GitLab 11.4.3 "Outbound requests" setting pathThunk2018-11-081-1/+1
| |
* | Make unordered lists conform to styleguidedocs/fix-unordered-list-styleEvan Read2019-01-081-5/+5
| | | | | | | | - Also makes other minor Markdown fixes that were near the main fixes.
* | Update doc/security/rack-attack.mdMatt Rice2018-12-111-2/+1
| |
* | fix: update the link to the new address.Salman Mohammadi2018-12-041-1/+1
| | | | | | this change eliminates the need to redirect the page.
* | Precisions about the times specified in gitlab.rb for Rack AttackIllan RUL-DA CUNHA2018-11-201-6/+6
| |
* | Resolve Markdown ordered lists not conforming to styleguidedocs/fix-ordered-list-item-prefixEvan Read2018-11-132-11/+11
|/
* Correct Gitlab to GitLab in docsMarcel Amirault2018-09-251-1/+1
|
* Correct grammar (setup to set-up) in DocsMarcel Amirault2018-09-211-1/+1
|
* Fix minor error in doc/security/user_email_confirmation.mdYannick Binnenweg2018-08-291-1/+1
| | | | | | | Originally submitted at https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3190. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Add instructions to unlock an accountAaron2018-08-293-1/+33
| | | | | | | Originally submitted at https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/6578. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Compress all PNG images under doc/Achilleas Pipinellis2018-08-274-0/+0
| | | | | | | | | | The pngquant tool was used https://pngquant.org, and particularly, the following command: /usr/bin/pngquant -f --skip-if-larger --ext .png --speed 1 image.png Before: 47584K After : 34924K
* Merge branch 'update-rack-attack-deprecation-note-in-docs' into 'master'Douwe Maan2018-07-251-0/+4
|\ | | | | | | | | Adds rack attack disabled by default notice to documentation See merge request gitlab-org/gitlab-ce!20833
| * Adds rack attack disabled by default notice to documentationupdate-rack-attack-deprecation-note-in-docsTiago Botelho2018-07-251-0/+4
| |
* | Fix Rack Attack documentation to reflect the feature being disabled by defaultTiago Botelho2018-07-251-3/+3
|/
* docMark Chao2018-06-062-2/+2
|
* Improve documentation of SSRF protectionFrancisco Javier López2018-04-242-3/+10
|
* Update rack attack docsCindy Pallares 🦉2018-01-231-13/+123
|
* Exclude comments from specific docsAchilleas Pipinellis2017-11-011-0/+4
|
View Lorry Controller Status