Merge branch 'kpaizee-webhook-rate-limits' into 'master'

Add webhook rate limits to rate limits page

See merge request gitlab-org/gitlab!73689

doc/administration/get_started.md

@@ -231,7 +231,7 @@ Rate limits also improve the security of your application.
 
 ### Configure rate limits for self-managed GitLab
 
-You can make changes to your default rate limits from the Admin Area. For more information about configuration, see the [Admin Area page](../security/rate_limits.md#admin-area-settings).
+You can make changes to your default rate limits from the Admin Area. For more information about configuration, see the [Admin Area page](../security/rate_limits.md#configurable-limits).
 
 - Define [issues rate limits](../user/admin_area/settings/rate_limit_on_issues_creation.md) to set a maximum number of issue creation requests per minute, per user.
 - Enforce [user and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) for unauthenticated web requests.
@@ -249,7 +249,7 @@ Rate limits also improve the security of your application.
 
 ### Configure rate limits for GitLab SaaS
 
-You can make changes to your default rate limits from the Admin Area. For more information about configuration, see the [Admin Area page](../security/rate_limits.md#admin-area-settings).
+You can make changes to your default rate limits from the Admin Area. For more information about configuration, see the [Admin Area page](../security/rate_limits.md#configurable-limits).
 
 - Review the rate limit page.
 - Read our [API page](../api/index.md) for more information about API and rate limiting.

doc/administration/instance_limits.md

@@ -143,6 +143,9 @@ This only applies to project and group webhooks.
 
 Calls over the rate limit are logged into `auth.log`.
 
+To set this limit for a self-managed installation, run the following in the
+[GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session):
+
 ```ruby
 # If limits don't exist for the default plan, you can create one with:
 # Plan.default.create_limits!

doc/security/rate_limits.md

@@ -27,7 +27,7 @@ Most cases can be mitigated by limiting the rate of requests from a single IP ad
 Most [brute-force attacks](https://en.wikipedia.org/wiki/Brute-force_attack) are
 similarly mitigated by a rate limit.
 
-## Admin Area settings
+## Configurable limits
 
 You can set these rate limits in the Admin Area of your instance:
 
@@ -42,6 +42,10 @@ You can set these rate limits in the Admin Area of your instance:
 - [Files API rate limits](../user/admin_area/settings/files_api_rate_limits.md)
 - [Deprecated API rate limits](../user/admin_area/settings/deprecated_api_rate_limits.md)
 
+You can set these rate limits using the Rails console:
+
+- [Webhook rate limit](../administration/instance_limits.md#webhook-rate-limit)
+
 ## Failed authentication ban for Git and container registry
 
 GitLab returns HTTP status code `403` for 1 hour, if 30 failed authentication requests were received