Rate limits on note creation

Introduced in GitLab 13.9.

This setting allows you to rate limit the requests to the note creation endpoint.

To change the note creation rate limit:

  1. On the top bar, select Menu > Admin.
  2. On the left sidebar, select Settings > Network.
  3. Expand Notes Rate Limits.
  4. Under Max requests per minute per user, enter the new value.
  5. Optional. Under List of users to be excluded from the limit, list users to be excluded from the limit.
  6. Select Save changes.

This limit is:

  • Applied independently per user.
  • Not applied per IP address.

The default value is 300.

Requests over the rate limit are logged into the auth.log file.

For example, if you set a limit of 300, requests using the Projects::NotesController#create action exceeding a rate of 300 per minute are blocked. Access to the endpoint is allowed after one minute.