Commit be247a34 authored by Nick Thomas's avatar Nick Thomas

Documentation for the deprecated API endpoint rate limiter

Another substantial copy-paste!
parent 5b9e642e
...@@ -102,6 +102,15 @@ This setting limits the request rate on the Packages API per user or IP address. ...@@ -102,6 +102,15 @@ This setting limits the request rate on the Packages API per user or IP address.
- **Default rate limit**: Disabled by default. - **Default rate limit**: Disabled by default.
### Deprecated API endpoints
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68645) in GitLab 14.4.
This setting limits the request rate on deprecated API endpoints per user or IP address. For more information, read
[Deprecated API rate limits](../user/admin_area/settings/deprecated_api_rate_limits.md).
- **Default rate limit**: Disabled by default.
### Import/Export ### Import/Export
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35728) in GitLab 13.2. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35728) in GitLab 13.2.
......
...@@ -36,6 +36,7 @@ These are rate limits you can set in the Admin Area of your instance: ...@@ -36,6 +36,7 @@ These are rate limits you can set in the Admin Area of your instance:
- [Package registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) - [Package registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md)
- [Git LFS rate limits](../user/admin_area/settings/git_lfs_rate_limits.md) - [Git LFS rate limits](../user/admin_area/settings/git_lfs_rate_limits.md)
- [Files API rate limits](../user/admin_area/settings/files_api_rate_limits.md) - [Files API rate limits](../user/admin_area/settings/files_api_rate_limits.md)
- [Deprecated API rate limits](../user/admin_area/settings/deprecated_api_rate_limits.md)
## Non-configurable limits ## Non-configurable limits
......
---
stage: Create
group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
type: reference
---
# Deprecated API rate limits **(FREE SELF)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68645) in GitLab 14.4.
Deprecated API endpoints are those which have been replaced with alternative
functionality, but cannot be removed without breaking backward compatibility.
Setting a restrictive rate limit on these endpoints can encourage users to
switch to the alternatives.
## Deprecated API endpoints
Not all deprecated API endpoints are included in this rate limit - just those
that might have a performance impact:
- [`GET /groups/:id`](../../../api/groups.md#details-of-a-group) **without** the `with_projects=0` query parameter.
## Define Deprecated API rate limits
Rate limits for deprecated API endpoints are disabled by default. When enabled, they supersede
the general user and IP rate limits for requests to deprecated endpoints. You can keep any general user
and IP rate limits already in place, and increase or decrease the rate limits
for deprecated API endpoints. No other new features are provided by this override.
Prerequisites:
- You must have the Administrator role for your instance.
To override the general user and IP rate limits for requests to deprecated API endpoints:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Settings > Network**.
1. Expand **Deprecated API Rate Limits**.
1. Select the check boxes for the types of rate limits you want to enable:
- **Unauthenticated API request rate limit**
- **Authenticated API request rate limit**
1. _If you enabled unauthenticated API request rate limits:_
1. Select the **Maximum unauthenticated API requests per period per IP**.
1. Select the **Unauthenticated API rate limit period in seconds**.
1. _If you enabled authenticated API request rate limits:_
1. Select the **Maximum authenticated API requests per period per user**.
1. Select the **Authenticated API rate limit period in seconds**.
## Resources
- [Rate limits](../../../security/rate_limits.md)
- [User and IP rate limits](user_and_ip_rate_limits.md)
...@@ -99,6 +99,7 @@ To access the default page for Admin Area settings: ...@@ -99,6 +99,7 @@ To access the default page for Admin Area settings:
| [Package Registry Rate Limits](package_registry_rate_limits.md) | Configure specific limits for Packages API requests that supersede the user and IP rate limits. | | [Package Registry Rate Limits](package_registry_rate_limits.md) | Configure specific limits for Packages API requests that supersede the user and IP rate limits. |
| [Git LFS Rate Limits](git_lfs_rate_limits.md) | Configure specific limits for Git LFS requests that supersede the user and IP rate limits. | | [Git LFS Rate Limits](git_lfs_rate_limits.md) | Configure specific limits for Git LFS requests that supersede the user and IP rate limits. |
| [Files API Rate Limits](files_api_rate_limits.md) | Configure specific limits for Files API requests that supersede the user and IP rate limits. | | [Files API Rate Limits](files_api_rate_limits.md) | Configure specific limits for Files API requests that supersede the user and IP rate limits. |
| [Deprecated API Rate Limits](deprecated_api_rate_limits.md) | Configure specific limits for deprecated API requests that supersede the user and IP rate limits. |
| [Outbound requests](../../../security/webhooks.md) | Allow requests to the local network from hooks and services. | | [Outbound requests](../../../security/webhooks.md) | Allow requests to the local network from hooks and services. |
| [Protected Paths](protected_paths.md) | Configure paths to be protected by Rack Attack. | | [Protected Paths](protected_paths.md) | Configure paths to be protected by Rack Attack. |
| [Incident Management](../../../operations/incident_management/index.md) Limits | Limit the number of inbound alerts that can be sent to a project. | | [Incident Management](../../../operations/incident_management/index.md) Limits | Limit the number of inbound alerts that can be sent to a project. |
......
...@@ -191,6 +191,8 @@ The possible names are: ...@@ -191,6 +191,8 @@ The possible names are:
- `throttle_authenticated_git_lfs` - `throttle_authenticated_git_lfs`
- `throttle_unauthenticated_files_api` - `throttle_unauthenticated_files_api`
- `throttle_authenticated_files_api` - `throttle_authenticated_files_api`
- `throttle_unauthenticated_deprecated_api`
- `throttle_authenticated_deprecated_api`
For example, to try out throttles for all authenticated requests to For example, to try out throttles for all authenticated requests to
non-protected paths can be done by setting non-protected paths can be done by setting
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment