Commit b57d3992 authored by Mayra Cabrera's avatar Mayra Cabrera Committed by Marcia Ramos

Add docs for rate limiter on raw endpoints

The section was included on security/raw_limits and on the admin area
settings.

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
parent f1d39d60
......@@ -22,11 +22,12 @@ similarly mitigated by a rate limit.
## Admin Area settings
See
[User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md).
- [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md).
- [Rate limits on raw endpoints](../user/admin_area/settings/rate_limits_on_raw_endpoints.md)
## Rack Attack initializer
This method of rate limiting is cumbersome, but has some advantages. It allows
throttling of specific paths, and is also integrated into Git and container
registry requests. See [Rack Attack initializer](rack_attack.md).
---
type: reference
---
# Rate limits on raw endpoints **(CORE ONLY)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30829) in GitLab 12.2.
This setting allows you to rate limit the requests to raw endpoints, defaults to `300` requests per minute.
It can be modified in **Admin Area > Network > Performance Optimization**.
For example, requests over `300` per minute to `https://gitlab.com/gitlab-org/gitlab-ce/raw/master/app/controllers/application_controller.rb` will be blocked.
![Rate limits on raw endpoints](img/rate_limits_on_raw_endpoints.png)
This limit is:
- Applied independently per project, per commit and per file path.
- Not applied per IP address.
- Active by default. To disable, set the option to `0`.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment