diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-05 00:09:29 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-05 00:09:29 +0300 |
commit | 839dad17a14654ff31c6c7d4de0f00b90499dc23 (patch) | |
tree | f67191a2fc05f143319f7ac26bd27a0a911cf8fd /doc/security | |
parent | ae42530b1be0d25186881ae45c39bdf1122a84b9 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/security')
-rw-r--r-- | doc/security/rack_attack.md | 4 | ||||
-rw-r--r-- | doc/security/rate_limits.md | 2 | ||||
-rw-r--r-- | doc/security/reset_user_password.md | 2 | ||||
-rw-r--r-- | doc/security/two_factor_authentication.md | 4 | ||||
-rw-r--r-- | doc/security/user_file_uploads.md | 2 | ||||
-rw-r--r-- | doc/security/webhooks.md | 6 |
6 files changed, 10 insertions, 10 deletions
diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md index 17c9d40ef6f..3b178498079 100644 --- a/doc/security/rack_attack.md +++ b/doc/security/rack_attack.md @@ -19,12 +19,12 @@ tracking. For more information on how to use these options see the [Rack Attack README](https://github.com/kickstarter/rack-attack/blob/master/README.md). -NOTE: **Note:** +NOTE: See [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) for simpler limits that are configured in the UI. -NOTE: **Note:** +NOTE: Starting with GitLab 11.2, Rack Attack is disabled by default. If your instance is not exposed to the public internet, it is recommended that you leave Rack Attack disabled. diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md index 1a943662504..500ec057102 100644 --- a/doc/security/rate_limits.md +++ b/doc/security/rate_limits.md @@ -7,7 +7,7 @@ type: reference, howto # Rate limits -NOTE: **Note:** +NOTE: For GitLab.com, please see [GitLab.com-specific rate limits](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits). diff --git a/doc/security/reset_user_password.md b/doc/security/reset_user_password.md index 2d193e48019..fc808452736 100644 --- a/doc/security/reset_user_password.md +++ b/doc/security/reset_user_password.md @@ -58,7 +58,7 @@ user.save! Exit the console, and then try to sign in with your new password. -NOTE: **Note:** +NOTE: You can also reset passwords by using the [Users API](../api/users.md#user-modification). ### Reset your root password diff --git a/doc/security/two_factor_authentication.md b/doc/security/two_factor_authentication.md index 6528ef524ff..74d77cc32cf 100644 --- a/doc/security/two_factor_authentication.md +++ b/doc/security/two_factor_authentication.md @@ -72,7 +72,7 @@ The following are important notes about 2FA: ## Disabling 2FA for everyone -CAUTION: **Caution:** +WARNING: Disabling 2FA for everyone does not disable the [enforce 2FA for all users](#enforcing-2fa-for-all-users) or [enforce 2FA for all users in a group](#enforcing-2fa-for-all-users-in-a-group) settings. In addition to the steps in this section, you will need to disable any enforced 2FA @@ -94,7 +94,7 @@ sudo gitlab-rake gitlab:two_factor:disable_for_all_users sudo -u git -H bundle exec rake gitlab:two_factor:disable_for_all_users RAILS_ENV=production ``` -CAUTION: **Caution:** +WARNING: This is a permanent and irreversible action. Users will have to reactivate 2FA from scratch if they want to use it again. diff --git a/doc/security/user_file_uploads.md b/doc/security/user_file_uploads.md index 462d82f2ad8..bce2aeb88b4 100644 --- a/doc/security/user_file_uploads.md +++ b/doc/security/user_file_uploads.md @@ -18,7 +18,7 @@ notification emails, which are often read from email clients that are not authenticated with GitLab, such as Outlook, Apple Mail, or the Mail app on your mobile device. -NOTE: **Note:** +NOTE: Non-image attachments do require authentication to be viewed. <!-- ## Troubleshooting diff --git a/doc/security/webhooks.md b/doc/security/webhooks.md index 5a4cf5e3b12..939cd529f05 100644 --- a/doc/security/webhooks.md +++ b/doc/security/webhooks.md @@ -7,7 +7,7 @@ type: concepts, reference, howto # Webhooks and insecure internal web services -NOTE: **Note:** +NOTE: On GitLab.com, the [maximum number of webhooks and their size](../user/gitlab_com/index.md#webhooks) per project, and per group, is limited. If you have non-GitLab web services running on your GitLab server or within its @@ -50,7 +50,7 @@ inside the **Admin Area > Settings** (`/admin/application_settings/network`): ![Outbound requests admin settings](img/outbound_requests_section_v12_2.png) -NOTE: **Note:** +NOTE: *System hooks* are enabled to make requests to local network by default since they are set up by administrators. However, you can turn this off by disabling the **Allow requests to the local network from system hooks** option. @@ -90,7 +90,7 @@ example.com;gitlab.example.com example.com:8080 ``` -NOTE: **Note:** +NOTE: Wildcards (`*.example.com`) are not currently supported. <!-- ## Troubleshooting |