Adds rack attack disabled by default notice to documentationupdate-rack-attack-deprecation-note-in-docs

author: Tiago Botelho <tiagonbotelho@hotmail.com> 2018-07-25 09:48:02 +0100
committer: Tiago Botelho <tiagonbotelho@hotmail.com> 2018-07-25 09:48:02 +0100
commit: f0f285efc2d6abef8817ec811eaddeef5838c195 (patch)
tree: 6409e361f705795f5ba2f65de2d4f035a12a42ff /doc/security
parent: 4063141223f9b89248e3c33df5711201f75d3718 (diff)
download: gitlab-ce-f0f285efc2d6abef8817ec811eaddeef5838c195.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md
index c61729581e8..06b654a4a7a 100644
--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@@ -9,6 +9,10 @@ In case you find throttling is not enough to protect you against abusive clients
 Rack Attack offers IP whitelisting, blacklisting, Fail2ban style filtering and
 tracking.
 
+**Note:** Starting with 11.2, Rack Attack is disabled by default. To continue
+using this feature, please enable it in your `gitlab.rb` by setting 
+`gitlab_rails['rack_attack_git_basic_auth'] = true`.
+
 By default, user sign-in, user sign-up (if enabled), and user password reset is
 limited to 6 requests per minute. After trying for 6 times, the client will
 have to wait for the next minute to be able to try again.
author	Tiago Botelho <tiagonbotelho@hotmail.com>	2018-07-25 09:48:02 +0100
committer	Tiago Botelho <tiagonbotelho@hotmail.com>	2018-07-25 09:48:02 +0100
commit	f0f285efc2d6abef8817ec811eaddeef5838c195 (patch)
tree	6409e361f705795f5ba2f65de2d4f035a12a42ff /doc/security
parent	4063141223f9b89248e3c33df5711201f75d3718 (diff)
download	gitlab-ce-f0f285efc2d6abef8817ec811eaddeef5838c195.tar.gz