14 files changed, 237 insertions, 76 deletions
diff --git a/.rubocop_manual_todo.yml b/.rubocop_manual_todo.yml
index 15ce98b6770..2cbfeec1048 100644
--- a/.rubocop_manual_todo.yml
+++ b/.rubocop_manual_todo.yml
@@ -2564,3 +2564,53 @@ Performance/ActiveRecordSubtransactionMethods:
     - 'lib/gitlab/composer/cache.rb'
     - 'lib/gitlab/database/async_indexes/migration_helpers.rb'
     - 'lib/gitlab/issuables_count_for_state.rb'
+
+# WIP: https://gitlab.com/gitlab-org/gitlab/-/issues/340567
+Rails/IncludeUrlHelper:
+  Exclude:
+    - 'app/models/integrations/asana.rb'
+    - 'app/models/integrations/bamboo.rb'
+    - 'app/models/integrations/bugzilla.rb'
+    - 'app/models/integrations/campfire.rb'
+    - 'app/models/integrations/confluence.rb'
+    - 'app/models/integrations/custom_issue_tracker.rb'
+    - 'app/models/integrations/datadog.rb'
+    - 'app/models/integrations/discord.rb'
+    - 'app/models/integrations/ewm.rb'
+    - 'app/models/integrations/external_wiki.rb'
+    - 'app/models/integrations/flowdock.rb'
+    - 'app/models/integrations/hangouts_chat.rb'
+    - 'app/models/integrations/irker.rb'
+    - 'app/models/integrations/jenkins.rb'
+    - 'app/models/integrations/mattermost.rb'
+    - 'app/models/integrations/pivotaltracker.rb'
+    - 'app/models/integrations/redmine.rb'
+    - 'app/models/integrations/webex_teams.rb'
+    - 'app/models/integrations/youtrack.rb'
+    - 'app/presenters/alert_management/alert_presenter.rb'
+    - 'app/presenters/ci/pipeline_presenter.rb'
+    - 'app/presenters/clusters/cluster_presenter.rb'
+    - 'app/presenters/environment_presenter.rb'
+    - 'app/presenters/gitlab/blame_presenter.rb'
+    - 'app/presenters/group_clusterable_presenter.rb'
+    - 'app/presenters/instance_clusterable_presenter.rb'
+    - 'app/presenters/merge_request_presenter.rb'
+    - 'app/presenters/project_clusterable_presenter.rb'
+    - 'app/presenters/project_presenter.rb'
+    - 'app/presenters/prometheus_alert_presenter.rb'
+    - 'app/presenters/release_presenter.rb'
+    - 'app/presenters/releases/evidence_presenter.rb'
+    - 'ee/app/helpers/license_helper.rb'
+    - 'ee/app/models/integrations/github.rb'
+    - 'ee/app/presenters/merge_request_approver_presenter.rb'
+    - 'ee/spec/helpers/ee/projects/security/configuration_helper_spec.rb'
+    - 'ee/spec/lib/banzai/filter/cross_project_issuable_information_filter_spec.rb'
+    - 'ee/spec/lib/banzai/filter/issuable_state_filter_spec.rb'
+    - 'lib/gitlab/ci/badge/metadata.rb'
+    - 'lib/gitlab/email/message/in_product_marketing/helper.rb'
+    - 'spec/helpers/merge_requests_helper_spec.rb'
+    - 'spec/helpers/nav/top_nav_helper_spec.rb'
+    - 'spec/helpers/notify_helper_spec.rb'
+    - 'spec/lib/banzai/filter/issuable_state_filter_spec.rb'
+    - 'spec/lib/banzai/filter/reference_redactor_filter_spec.rb'
+    - 'spec/lib/banzai/reference_redactor_spec.rb'
diff --git a/Gemfile b/Gemfile
index 19f77c1ee82..39e61564968 100644
--- a/Gemfile
+++ b/Gemfile
@@ -372,7 +372,7 @@ group :development, :test do
   gem 'spring', '~> 2.1.0'
   gem 'spring-commands-rspec', '~> 1.0.4'
 
-  gem 'gitlab-styles', '~> 6.2.0', require: false
+  gem 'gitlab-styles', '~> 6.3.0', require: false
 
   gem 'haml_lint', '~> 0.36.0', require: false
   gem 'bundler-audit', '~> 0.7.0.1', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index 007694e6c28..d62e948e636 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -493,7 +493,7 @@ GEM
       openid_connect (~> 1.2)
     gitlab-sidekiq-fetcher (0.5.6)
       sidekiq (~> 5)
-    gitlab-styles (6.2.0)
+    gitlab-styles (6.3.0)
       rubocop (~> 0.91, >= 0.91.1)
       rubocop-gitlab-security (~> 0.1.1)
       rubocop-performance (~> 1.9.2)
@@ -1477,7 +1477,7 @@ DEPENDENCIES
   gitlab-net-dns (~> 0.9.1)
   gitlab-omniauth-openid-connect (~> 0.8.0)
   gitlab-sidekiq-fetcher (= 0.5.6)
-  gitlab-styles (~> 6.2.0)
+  gitlab-styles (~> 6.3.0)
   gitlab_chronic_duration (~> 0.10.6.2)
   gitlab_omniauth-ldap (~> 2.1.1)
   gon (~> 6.4.0)
diff --git a/app/views/admin/application_settings/_ip_limits.html.haml b/app/views/admin/application_settings/_ip_limits.html.haml
index 511d628cb79..4362ae9cb9b 100644
--- a/app/views/admin/application_settings/_ip_limits.html.haml
+++ b/app/views/admin/application_settings/_ip_limits.html.haml
@@ -2,60 +2,55 @@
   = form_errors(@application_setting)
 
   %fieldset
-    %legend.h5.gl-border-none
-      = _('Unauthenticated API request rate limit')
+    = _("Rate limits can help reduce request volume (like from crawlers or abusive bots).")
+
+  %fieldset
     .form-group
       = f.gitlab_ui_checkbox_component :throttle_unauthenticated_api_enabled,
         _("Enable unauthenticated API request rate limit"),
-        help_text: _("Helps reduce request volume (e.g. from crawlers or abusive bots)"),
-        checkbox_options: { data: { qa_selector: 'throttle_unauthenticated_api_checkbox' } }
+        checkbox_options: { data: { qa_selector: 'throttle_unauthenticated_api_checkbox' } },
+        label_options: { class: 'label-bold' }
     .form-group
-      = f.label :throttle_unauthenticated_api_requests_per_period, _('Max unauthenticated API requests per period per IP'), class: 'label-bold'
+      = f.label :throttle_unauthenticated_api_requests_per_period, _('Maximum unauthenticated API requests per rate limit period per IP'), class: 'label-bold'
       = f.number_field :throttle_unauthenticated_api_requests_per_period, class: 'form-control gl-form-input'
     .form-group
       = f.label :throttle_unauthenticated_api_period_in_seconds, _('Unauthenticated API rate limit period in seconds'), class: 'label-bold'
       = f.number_field :throttle_unauthenticated_api_period_in_seconds, class: 'form-control gl-form-input'
 
   %fieldset
-    %legend.h5.gl-border-none
-      = _('Unauthenticated web request rate limit')
     .form-group
       = f.gitlab_ui_checkbox_component :throttle_unauthenticated_enabled,
         _("Enable unauthenticated web request rate limit"),
-        help_text: _("Helps reduce request volume (e.g. from crawlers or abusive bots)"),
-        checkbox_options: { data: { qa_selector: 'throttle_unauthenticated_web_checkbox' } }
+        checkbox_options: { data: { qa_selector: 'throttle_unauthenticated_web_checkbox' } },
+        label_options: { class: 'label-bold' }
     .form-group
-      = f.label :throttle_unauthenticated_requests_per_period, _('Max unauthenticated web requests per period per IP'), class: 'label-bold'
+      = f.label :throttle_unauthenticated_requests_per_period, _('Maximum unauthenticated web requests per rate limit period per IP'), class: 'label-bold'
       = f.number_field :throttle_unauthenticated_requests_per_period, class: 'form-control gl-form-input'
     .form-group
       = f.label :throttle_unauthenticated_period_in_seconds, _('Unauthenticated web rate limit period in seconds'), class: 'label-bold'
       = f.number_field :throttle_unauthenticated_period_in_seconds, class: 'form-control gl-form-input'
 
   %fieldset
-    %legend.h5.gl-border-none
-      = _('Authenticated API request rate limit')
     .form-group
       = f.gitlab_ui_checkbox_component :throttle_authenticated_api_enabled,
         _("Enable authenticated API request rate limit"),
-        help_text: _("Helps reduce request volume (e.g. from crawlers or abusive bots)"),
-        checkbox_options: { data: { qa_selector: 'throttle_authenticated_api_checkbox' }}
+        checkbox_options: { data: { qa_selector: 'throttle_authenticated_api_checkbox' }},
+        label_options: { class: 'label-bold' }
     .form-group
-      = f.label :throttle_authenticated_api_requests_per_period, _('Max authenticated API requests per period per user'), class: 'label-bold'
+      = f.label :throttle_authenticated_api_requests_per_period, _('Maximum authenticated API requests per rate limit period per user'), class: 'label-bold'
       = f.number_field :throttle_authenticated_api_requests_per_period, class: 'form-control gl-form-input'
     .form-group
       = f.label :throttle_authenticated_api_period_in_seconds, _('Authenticated API rate limit period in seconds'), class: 'label-bold'
       = f.number_field :throttle_authenticated_api_period_in_seconds, class: 'form-control gl-form-input'
 
   %fieldset
-    %legend.h5.gl-border-none
-      = _('Authenticated web request rate limit')
     .form-group
       = f.gitlab_ui_checkbox_component :throttle_authenticated_web_enabled,
         _("Enable authenticated web request rate limit"),
-        help_text: _("Helps reduce request volume (e.g. from crawlers or abusive bots)"),
-        checkbox_options: { data: { qa_selector: 'throttle_authenticated_web_checkbox' } }
+        checkbox_options: { data: { qa_selector: 'throttle_authenticated_web_checkbox' } },
+        label_options: { class: 'label-bold' }
     .form-group
-      = f.label :throttle_authenticated_web_requests_per_period, _('Max authenticated web requests per period per user'), class: 'label-bold'
+      = f.label :throttle_authenticated_web_requests_per_period, _('Maximum authenticated web requests per rate limit period per user'), class: 'label-bold'
       = f.number_field :throttle_authenticated_web_requests_per_period, class: 'form-control gl-form-input'
     .form-group
       = f.label :throttle_authenticated_web_period_in_seconds, _('Authenticated web rate limit period in seconds'), class: 'label-bold'
@@ -66,7 +61,9 @@
       = _('Response text')
     .form-group
       = f.label :rate_limiting_response_text, class: 'label-bold' do
-        = _('A plain-text response to show to clients that hit the rate limit.')
+        = _('Plain-text response to send to clients that hit a rate limit')
       = f.text_area :rate_limiting_response_text, placeholder: ::Gitlab::Throttle::DEFAULT_RATE_LIMITING_RESPONSE_TEXT, class: 'form-control gl-form-input', rows: 5
+      .form-text.text-muted
+        = html_escape(_("If blank, defaults to %{code_open}Retry later%{code_close}.")) % { code_open: '<code>'.html_safe, code_close: '</code>'.html_safe }
 
   = f.submit _('Save changes'), class: "gl-button btn btn-confirm", data: { qa_selector: 'save_changes_button' }
diff --git a/app/views/admin/application_settings/network.html.haml b/app/views/admin/application_settings/network.html.haml
index f17d872ee72..8dff2bc36cb 100644
--- a/app/views/admin/application_settings/network.html.haml
+++ b/app/views/admin/application_settings/network.html.haml
@@ -16,11 +16,12 @@
 %section.settings.as-ip-limits.no-animate#js-ip-limits-settings{ class: ('expanded' if expanded_by_default?), data: { qa_selector: 'ip_limits_content' } }
   .settings-header
     %h4
-      = _('User and IP Rate Limits')
+      = _('User and IP rate limits')
     %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
       = expanded_by_default? ? _('Collapse') : _('Expand')
     %p
-      = _('Configure limits for web and API requests.')
+      = _('Set limits for web and API requests.')
+      = link_to _('Learn more.'), help_page_path('user/admin_area/settings/user_and_ip_rate_limits.md'), target: '_blank', rel: 'noopener noreferrer'
   .settings-content
     = render 'ip_limits'
 
diff --git a/doc/administration/monitoring/prometheus/gitlab_metrics.md b/doc/administration/monitoring/prometheus/gitlab_metrics.md
index d27d5b4a574..c36d2b0f7a4 100644
--- a/doc/administration/monitoring/prometheus/gitlab_metrics.md
+++ b/doc/administration/monitoring/prometheus/gitlab_metrics.md
@@ -268,6 +268,10 @@ configuration option in `gitlab.yml`. These metrics are served from the
 | `destroyed_job_artifacts_count_total`          | Counter | 13.6  | Number of destroyed expired job artifacts | |
 | `destroyed_pipeline_artifacts_count_total`     | Counter | 13.8  | Number of destroyed expired pipeline artifacts | |
 | `gitlab_optimistic_locking_retries`            | Histogram | 13.10  | Number of retry attempts to execute optimistic retry lock | |
+| `geo_uploads`                      | Gauge   | 14.1  | Number of uploads on primary | `url` |
+| `geo_uploads_synced`               | Gauge   | 14.1  | Number of uploads synced on secondary | `url` |
+| `geo_uploads_failed`               | Gauge   | 14.1  | Number of syncable uploads failed to sync on secondary | `url` |
+| `geo_uploads_registry`             | Gauge   | 14.1  | Number of uploads in the registry | `url` |
 
 ## Database load balancing metrics **(PREMIUM SELF)**
 
diff --git a/doc/api/geo_nodes.md b/doc/api/geo_nodes.md
index 94c4bdeabcd..d9b23485fd5 100644
--- a/doc/api/geo_nodes.md
+++ b/doc/api/geo_nodes.md
@@ -453,6 +453,11 @@ Example response:
     "pipeline_artifacts_verification_failed_count": null,
     "pipeline_artifacts_synced_in_percentage": "0.00%",
     "pipeline_artifacts_verified_in_percentage": "0.00%",
+    "uploads_count": 5,
+    "uploads_synced_count": null,
+    "uploads_failed_count": 0,
+    "uploads_registry_count": null,
+    "uploads_synced_in_percentage": "0.00%",
   },
   {
     "geo_node_id": 2,
@@ -595,6 +600,11 @@ Example response:
     "pipeline_artifacts_verification_failed_count": 0,
     "pipeline_artifacts_synced_in_percentage": "100.00%",
     "pipeline_artifacts_verified_in_percentage": "100.00%",
+    "uploads_count": 5,
+    "uploads_synced_count": null,
+    "uploads_failed_count": 0,
+    "uploads_registry_count": null,
+    "uploads_synced_in_percentage": "0.00%",
   }
 ]
 ```
@@ -734,6 +744,11 @@ Example response:
   "pipeline_artifacts_verification_failed_count": 0,
   "pipeline_artifacts_synced_in_percentage": "100.00%",
   "pipeline_artifacts_verified_in_percentage": "100.00%",
+  "uploads_count": 5,
+  "uploads_synced_count": null,
+  "uploads_failed_count": 0,
+  "uploads_registry_count": null,
+  "uploads_synced_in_percentage": "0.00%",
 }
 ```
 
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 6b3140d62a2..c4e73f9c058 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -7443,6 +7443,29 @@ The edge type for [`TreeEntry`](#treeentry).
 | <a id="treeentryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
 | <a id="treeentryedgenode"></a>`node` | [`TreeEntry`](#treeentry) | The item at the end of the edge. |
 
+#### `UploadRegistryConnection`
+
+The connection type for [`UploadRegistry`](#uploadregistry).
+
+##### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="uploadregistryconnectionedges"></a>`edges` | [`[UploadRegistryEdge]`](#uploadregistryedge) | A list of edges. |
+| <a id="uploadregistryconnectionnodes"></a>`nodes` | [`[UploadRegistry]`](#uploadregistry) | A list of nodes. |
+| <a id="uploadregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. |
+
+#### `UploadRegistryEdge`
+
+The edge type for [`UploadRegistry`](#uploadregistry).
+
+##### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="uploadregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
+| <a id="uploadregistryedgenode"></a>`node` | [`UploadRegistry`](#uploadregistry) | The item at the end of the edge. |
+
 #### `UsageTrendsMeasurementConnection`
 
 The connection type for [`UsageTrendsMeasurement`](#usagetrendsmeasurement).
@@ -9951,6 +9974,22 @@ four standard [pagination arguments](#connection-pagination-arguments):
 | ---- | ---- | ----------- |
 | <a id="geonodeterraformstateversionregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. |
 
+##### `GeoNode.uploadRegistries`
+
+Find Upload registries on this Geo node Available only when feature flag `geo_upload_replication` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice.
+
+Returns [`UploadRegistryConnection`](#uploadregistryconnection).
+
+This field returns a [connection](#connections). It accepts the
+four standard [pagination arguments](#connection-pagination-arguments):
+`before: String`, `after: String`, `first: Int`, `last: Int`.
+
+###### Arguments
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="geonodeuploadregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. |
+
 ### `GrafanaIntegration`
 
 #### Fields
@@ -14347,6 +14386,23 @@ Represents a directory.
 | <a id="treeentrywebpath"></a>`webPath` | [`String`](#string) | Web path for the tree entry (directory). |
 | <a id="treeentryweburl"></a>`webUrl` | [`String`](#string) | Web URL for the tree entry (directory). |
 
+### `UploadRegistry`
+
+Represents the Geo replication and verification state of an upload.
+
+#### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="uploadregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the UploadRegistry was created. |
+| <a id="uploadregistryfileid"></a>`fileId` | [`ID!`](#id) | ID of the Upload. |
+| <a id="uploadregistryid"></a>`id` | [`ID!`](#id) | ID of the UploadRegistry. |
+| <a id="uploadregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the UploadRegistry. |
+| <a id="uploadregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the UploadRegistry. |
+| <a id="uploadregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the UploadRegistry should be resynced. |
+| <a id="uploadregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the UploadRegistry. |
+| <a id="uploadregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the UploadRegistry. |
+
 ### `UsageTrendsMeasurement`
 
 Represents a recorded measurement (object count) for the Admins.
diff --git a/doc/user/admin_area/settings/img/user_and_ip_rate_limits_v14_3.png b/doc/user/admin_area/settings/img/user_and_ip_rate_limits_v14_3.png
deleted file mode 100644
index 36f27c4025a..00000000000
--- a/doc/user/admin_area/settings/img/user_and_ip_rate_limits_v14_3.png
+++ /dev/null
diff --git a/doc/user/admin_area/settings/user_and_ip_rate_limits.md b/doc/user/admin_area/settings/user_and_ip_rate_limits.md
index 0cf6a0a1b82..32f08801c76 100644
--- a/doc/user/admin_area/settings/user_and_ip_rate_limits.md
+++ b/doc/user/admin_area/settings/user_and_ip_rate_limits.md
@@ -13,31 +13,78 @@ of a web application. For more details, see
 
 The following limits are disabled by default:
 
-- Unauthenticated API requests
-- Unauthenticated web requests
-- Authenticated API requests
-- Authenticated web requests
+- [Unauthenticated API requests (per IP)](#enable-unauthenticated-api-request-rate-limit).
+- [Unauthenticated web requests (per IP)](#enable-unauthenticated-web-request-rate-limit).
+- [Authenticated API requests (per user)](#enable-authenticated-api-request-rate-limit).
+- [Authenticated web requests (per user)](#enable-authenticated-web-request-rate-limit).
 
-To enforce any or all of them:
+NOTE:
+By default, all Git operations are first tried unauthenticated. Because of this, HTTP Git operations
+may trigger the rate limits configured for unauthenticated requests.
+
+## Enable unauthenticated API request rate limit
+
+To enable the unauthenticated request rate limit:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**, and expand **User and IP rate limits**.
+1. Select **Enable unauthenticated API request rate limit**.
+
+   - Optional. Update the **Maximum unauthenticated API requests per rate limit period per IP** value.
+     Defaults to `3600`.
+   - Optional. Update the **Unauthenticated rate limit period in seconds** value.
+     Defaults to `3600`.
+
+## Enable unauthenticated web request rate limit
+
+To enable the unauthenticated request rate limit:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**, and expand **User and IP rate limits**.
+1. Select **Enable unauthenticated web request rate limit**.
+
+   - Optional. Update the **Maximum unauthenticated web requests per rate limit period per IP** value.
+     Defaults to `3600`.
+   - Optional. Update the **Unauthenticated rate limit period in seconds** value.
+     Defaults to `3600`.
+
+## Enable authenticated API request rate limit
+
+To enable the authenticated API request rate limit:
 
 1. On the top bar, select **Menu > Admin**.
-1. On the left sidebar, select **Settings > Network**, and expand **User and IP rate limits**:
-   ![user-and-ip-rate-limits](img/user_and_ip_rate_limits_v14_3.png)
+1. On the left sidebar, select **Settings > Network**, and expand **User and IP rate limits**.
+1. Select **Enable authenticated API request rate limit**.
 
-   NOTE:
-   By default, all Git operations are first tried unauthenticated. Because of this, HTTP Git operations
-   may trigger the rate limits configured for unauthenticated requests.
+   - Optional. Update the **Maximum authenticated API requests per rate limit period per user** value.
+     Defaults to `7200`.
+   - Optional. Update the **Authenticated API rate limit period in seconds** value.
+     Defaults to `3600`.
 
-## Response text
+## Enable authenticated web request rate limit
+
+To enable the unauthenticated request rate limit:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**, and expand **User and IP rate limits**.
+1. Select **Enable authenticated web request rate limit**.
+
+   - Optional. Update the **Maximum authenticated web requests per rate limit period per user** value.
+     Defaults to `7200`.
+   - Optional. Update the **Authenticated web rate limit period in seconds** value.
+     Defaults to `3600`.
+
+## Use a custom rate limit response
 
 A request that exceeds a rate limit returns a 429 response code and a
-plain-text body, which by default is:
+plain-text body, which by default is `Retry later`.
 
-```plaintext
-Retry later
-```
+To use a custom response:
 
-It is possible to customize this response text in the Admin Area.
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**, and expand **User and IP rate limits**.
+1. In the **Plain-text response to send to clients that hit a rate limit** text box,
+   add the plain-text response message.
 
 ## Response headers
 
diff --git a/doc/user/clusters/integrations.md b/doc/user/clusters/integrations.md
index 5e6843144fc..70f940c775b 100644
--- a/doc/user/clusters/integrations.md
+++ b/doc/user/clusters/integrations.md
@@ -33,9 +33,6 @@ You can integrate your Kubernetes cluster with
 [Prometheus](https://prometheus.io/) for monitoring key metrics of your
 apps directly from the GitLab UI.
 
-[Alerts](../../operations/metrics/alerts.md) can be configured the same way as
-for [external Prometheus instances](../../operations/metrics/alerts.md#external-prometheus-instances).
-
 Once enabled, you can see metrics from services available in the
 [metrics library](../project/integrations/prometheus_library/index.md).
 
diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md
index 72058a7e8d2..23765de8f46 100644
--- a/doc/user/gitlab_com/index.md
+++ b/doc/user/gitlab_com/index.md
@@ -306,7 +306,7 @@ endpoints](../../user/admin_area/settings/rate_limits_on_raw_endpoints.md).
 For information on rate limiting responses, see:
 
 - [List of headers on responses to blocked requests](../admin_area/settings/user_and_ip_rate_limits.md#response-headers).
-- [Customizable response text](../admin_area/settings/user_and_ip_rate_limits.md#response-text).
+- [Customizable response text](../admin_area/settings/user_and_ip_rate_limits.md#use-a-custom-rate-limit-response).
 
 ### Protected paths throttle
 
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index acb88e08098..ae3fbe248bb 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -1495,9 +1495,6 @@ msgstr ""
 msgid "A plain HTML site that uses Netlify for CI/CD instead of GitLab, but still with all the other great GitLab features"
 msgstr ""
 
-msgid "A plain-text response to show to clients that hit the rate limit."
-msgstr ""
-
 msgid "A platform value can be web, mob or app."
 msgstr ""
 
@@ -4786,9 +4783,6 @@ msgstr ""
 msgid "Authenticated web rate limit period in seconds"
 msgstr ""
 
-msgid "Authenticated web request rate limit"
-msgstr ""
-
 msgid "Authenticated web requests"
 msgstr ""
 
@@ -8562,9 +8556,6 @@ msgstr ""
 msgid "Configure existing installation"
 msgstr ""
 
-msgid "Configure limits for web and API requests."
-msgstr ""
-
 msgid "Configure paths to be protected by Rack Attack."
 msgstr ""
 
@@ -16934,6 +16925,9 @@ msgstr ""
 msgid "If any indexed field exceeds this limit it will be truncated to this number of characters and the rest will not be indexed or searchable. This does not apply to repository and wiki indexing. Setting this to 0 means it is unlimited."
 msgstr ""
 
+msgid "If blank, defaults to %{code_open}Retry later%{code_close}."
+msgstr ""
+
 msgid "If blank, set allowable lifetime to %{instance_level_policy_in_words}, as defined by the instance admin. Once set, existing tokens for users in this group may be revoked."
 msgstr ""
 
@@ -20765,15 +20759,9 @@ msgstr ""
 msgid "Max 20 characters"
 msgstr ""
 
-msgid "Max authenticated API requests per period per user"
-msgstr ""
-
 msgid "Max authenticated Git LFS requests per period per user"
 msgstr ""
 
-msgid "Max authenticated web requests per period per user"
-msgstr ""
-
 msgid "Max file size is 200 KB."
 msgstr ""
 
@@ -20783,12 +20771,6 @@ msgstr ""
 msgid "Max session time"
 msgstr ""
 
-msgid "Max unauthenticated API requests per period per IP"
-msgstr ""
-
-msgid "Max unauthenticated web requests per period per IP"
-msgstr ""
-
 msgid "MaxBuilds"
 msgstr ""
 
@@ -20828,6 +20810,9 @@ msgstr ""
 msgid "Maximum authenticated API requests per rate limit period per user"
 msgstr ""
 
+msgid "Maximum authenticated web requests per rate limit period per user"
+msgstr ""
+
 msgid "Maximum bulk request size (MiB)"
 msgstr ""
 
@@ -20981,6 +20966,9 @@ msgstr ""
 msgid "Maximum unauthenticated API requests per rate limit period per IP"
 msgstr ""
 
+msgid "Maximum unauthenticated web requests per rate limit period per IP"
+msgstr ""
+
 msgid "May"
 msgstr ""
 
@@ -25171,6 +25159,9 @@ msgstr ""
 msgid "Plain diff"
 msgstr ""
 
+msgid "Plain-text response to send to clients that hit a rate limit"
+msgstr ""
+
 msgid "Plan:"
 msgstr ""
 
@@ -27688,6 +27679,9 @@ msgstr ""
 msgid "Rate limit"
 msgstr ""
 
+msgid "Rate limits can help reduce request volume (like from crawlers or abusive bots)."
+msgstr ""
+
 msgid "Raw blob request rate limit per minute"
 msgstr ""
 
@@ -30799,6 +30793,9 @@ msgstr ""
 msgid "Set limit to 0 to allow any file size."
 msgstr ""
 
+msgid "Set limits for web and API requests."
+msgstr ""
+
 msgid "Set max session time for web terminal."
 msgstr ""
 
@@ -36032,9 +36029,6 @@ msgstr ""
 msgid "Unauthenticated web rate limit period in seconds"
 msgstr ""
 
-msgid "Unauthenticated web request rate limit"
-msgstr ""
-
 msgid "Undo"
 msgstr ""
 
@@ -36734,7 +36728,7 @@ msgstr ""
 msgid "User Settings"
 msgstr ""
 
-msgid "User and IP Rate Limits"
+msgid "User and IP rate limits"
 msgstr ""
 
 msgid "User does not have a pending request"
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index f40905415e0..b25fc9f257a 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -551,22 +551,22 @@ RSpec.describe 'Admin updates settings' do
 
         page.within('.as-ip-limits') do
           check 'Enable unauthenticated API request rate limit'
-          fill_in 'Max unauthenticated API requests per period per IP', with: 100
+          fill_in 'Maximum unauthenticated API requests per rate limit period per IP', with: 100
           fill_in 'Unauthenticated API rate limit period in seconds', with: 200
 
           check 'Enable unauthenticated web request rate limit'
-          fill_in 'Max unauthenticated web requests per period per IP', with: 300
+          fill_in 'Maximum unauthenticated web requests per rate limit period per IP', with: 300
           fill_in 'Unauthenticated web rate limit period in seconds', with: 400
 
           check 'Enable authenticated API request rate limit'
-          fill_in 'Max authenticated API requests per period per user', with: 500
+          fill_in 'Maximum authenticated API requests per rate limit period per user', with: 500
           fill_in 'Authenticated API rate limit period in seconds', with: 600
 
           check 'Enable authenticated web request rate limit'
-          fill_in 'Max authenticated web requests per period per user', with: 700
+          fill_in 'Maximum authenticated web requests per rate limit period per user', with: 700
           fill_in 'Authenticated web rate limit period in seconds', with: 800
 
-          fill_in 'A plain-text response to show to clients that hit the rate limit.', with: 'Custom message'
+          fill_in 'Plain-text response to send to clients that hit a rate limit', with: 'Custom message'
 
           click_button 'Save changes'
         end