Commit e92ad8ab authored by Tiago Botelho's avatar Tiago Botelho

Adds Rack Attack disabled by default notice to the docs

parent ce6bf165
...@@ -9,6 +9,10 @@ In case you find throttling is not enough to protect you against abusive clients ...@@ -9,6 +9,10 @@ In case you find throttling is not enough to protect you against abusive clients
Rack Attack offers IP whitelisting, blacklisting, Fail2ban style filtering and Rack Attack offers IP whitelisting, blacklisting, Fail2ban style filtering and
tracking. tracking.
**Note:** Starting with 11.0, Rack Attack will be disabled by default. To continue
using this feature, please enable it in your `gitlab.rb` by setting
`gitlab_rails['rack_attack_git_basic_auth'] = true`.
By default, user sign-in, user sign-up (if enabled), and user password reset is By default, user sign-in, user sign-up (if enabled), and user password reset is
limited to 6 requests per minute. After trying for 6 times, the client will limited to 6 requests per minute. After trying for 6 times, the client will
have to wait for the next minute to be able to try again. have to wait for the next minute to be able to try again.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment