3 files changed, 22 insertions, 0 deletions

diff --git a/app/views/help/_layout.html.haml b/app/views/help/_layout.html.haml
index ac8660dcbb4..da917888eee 100644
--- a/app/views/help/_layout.html.haml
+++ b/app/views/help/_layout.html.haml
@@ -30,5 +30,8 @@
         %li
           %strong= link_to "Public Access", help_public_access_path
 
+        %li
+          %strong= link_to "Security", help_security_path
+
   .span9.pull-right
     = yield
diff --git a/app/views/help/index.html.haml b/app/views/help/index.html.haml
index ff01136f5bb..fadc2dc21cb 100644
--- a/app/views/help/index.html.haml
+++ b/app/views/help/index.html.haml
@@ -79,3 +79,7 @@
         %li
           %strong= link_to "Public Access", help_public_access_path
           %p Learn how you can allow public access to a project.
+
+        %li
+          %strong= link_to "Security", help_security_path
+          %p Learn what you can do to secure your GitLab instance.
diff --git a/app/views/help/security.html.haml b/app/views/help/security.html.haml
new file mode 100644
index 00000000000..72f21e9f634
--- /dev/null
+++ b/app/views/help/security.html.haml
@@ -0,0 +1,15 @@
+= render layout: 'help/layout' do
+  %h3.page-title Security
+
+  %p.slead
+    If your GitLab instance is visible from the internet chances are it will be 'tested' by bots sooner or later.
+    %br
+    %br
+    %br
+    .file-holder
+      .file-title
+        %i.icon-file
+        Dealing with bruteforcing
+      .file-content.wiki
+        = preserve do
+          = markdown File.read(Rails.root.join("doc", "security", "rack_attack.md"))