Commit 5d5da052 authored by Stan Hu's avatar Stan Hu

Merge branch 'patch-32' into 'master'

Precisions about the times specified in gitlab.rb for Rack Attack

See merge request gitlab-org/gitlab-ce!23246
parents 74e18035 3dbf83fe
...@@ -35,9 +35,9 @@ For more information on how to use these options check out ...@@ -35,9 +35,9 @@ For more information on how to use these options check out
gitlab_rails['rack_attack_git_basic_auth'] = { gitlab_rails['rack_attack_git_basic_auth'] = {
'enabled' => true, 'enabled' => true,
'ip_whitelist' => ["127.0.0.1"], 'ip_whitelist' => ["127.0.0.1"],
'maxretry' => 10, 'maxretry' => 10, # Limit the number of Git HTTP authentication attempts per IP
'findtime' => 60, 'findtime' => 60, # Reset the auth attempt counter per IP after 60 seconds
'bantime' => 3600 'bantime' => 3600 # Ban an IP for one hour (3600s) after too many auth attempts
} }
``` ```
...@@ -55,9 +55,9 @@ The following settings can be configured: ...@@ -55,9 +55,9 @@ The following settings can be configured:
- `maxretry`: The maximum amount of times a request can be made in the - `maxretry`: The maximum amount of times a request can be made in the
specified time. specified time.
- `findtime`: The maximum amount of time failed requests can count against an IP - `findtime`: The maximum amount of time failed requests can count against an IP
before it's blacklisted. before it's blacklisted (in seconds).
- `bantime`: The total amount of time that a blacklisted IP will be blocked in - `bantime`: The total amount of time that a blacklisted IP will be blocked (in
seconds. seconds).
**Installations from source** **Installations from source**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment