Commit f627b0ad authored by Eric Mosher's avatar Eric Mosher

Update sign-up restrictions with allow/denylist

parent 7c540670
...@@ -8,7 +8,7 @@ You can use sign-up restrictions to: ...@@ -8,7 +8,7 @@ You can use sign-up restrictions to:
- Disable new signups. - Disable new signups.
- Require user email confirmation. - Require user email confirmation.
- Blacklist or whitelist email addresses belonging to specific domains. - Denylist or allowlist email addresses belonging to specific domains.
NOTE: **Note:** NOTE: **Note:**
These restrictions are only applied during sign-up from an external user. An admin is These restrictions are only applied during sign-up from an external user. An admin is
...@@ -31,7 +31,7 @@ consider disabling new signups if you do not expect public users to sign up for ...@@ -31,7 +31,7 @@ consider disabling new signups if you do not expect public users to sign up for
account. account.
Alternatively, you could also consider setting up a Alternatively, you could also consider setting up a
[whitelist](#whitelist-email-domains) or [blacklist](#blacklist-email-domains) on [allowlist](#allowlist-email-domains) or [denylist](#denylist-email-domains) on
email domains to prevent malicious users from creating accounts. email domains to prevent malicious users from creating accounts.
## Require email confirmation ## Require email confirmation
...@@ -48,14 +48,14 @@ their email address before they are allowed to sign in. ...@@ -48,14 +48,14 @@ their email address before they are allowed to sign in.
You can [change](../../../security/password_length_limits.md#modify-minimum-password-length-using-gitlab-ui) You can [change](../../../security/password_length_limits.md#modify-minimum-password-length-using-gitlab-ui)
the minimum number of characters a user must have in their password using the GitLab UI. the minimum number of characters a user must have in their password using the GitLab UI.
## Whitelist email domains ## Allowlist email domains
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/598) in GitLab 7.11.0 > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/598) in GitLab 7.11.0
You can restrict users to only sign up using email addresses matching the given You can restrict users to only sign up using email addresses matching the given
domains list. domains list.
## Blacklist email domains ## Denylist email domains
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5259) in GitLab 8.10. > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5259) in GitLab 8.10.
...@@ -71,17 +71,17 @@ To access this feature: ...@@ -71,17 +71,17 @@ To access this feature:
1. Navigate to the **Admin Area > Settings > General**. 1. Navigate to the **Admin Area > Settings > General**.
1. Expand the **Sign-up restrictions** section. 1. Expand the **Sign-up restrictions** section.
For the blacklist, you can enter the list manually or upload a `.txt` file that For the denylist, you can enter the list manually or upload a `.txt` file that
contains list entries. contains list entries.
For the whitelist, you must enter the list manually. For the allowlist, you must enter the list manually.
Both the whitelist and blacklist accept wildcards. For example, you can use Both the allowlist and denylist accept wildcards. For example, you can use
`*.company.com` to accept every `company.com` subdomain, or `*.io` to block all `*.company.com` to accept every `company.com` subdomain, or `*.io` to block all
domains ending in `.io`. Domains should be separated by a whitespace, domains ending in `.io`. Domains should be separated by a whitespace,
semicolon, comma, or a new line. semicolon, comma, or a new line.
![Domain Blacklist](img/domain_blacklist.png) ![Domain Denylist](img/domain_denylist.png)
<!-- ## Troubleshooting <!-- ## Troubleshooting
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment