Rate limits on Git HTTP
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed, GitLab Dedicated
If you use Git HTTP in your repository, common Git operations can generate many Git HTTP requests. Some of these Git HTTP requests do not contain authentication parameter and are considered unauthenticated. You can enforce rate limits on Git HTTP requests. This can improve the security and durability of your web application. General user and IP rate limits aren’t applied to Git HTTP requests.
Configure Git HTTP rate limits
Git HTTP rate limits are disabled by default. If enabled and configured, these limits are applied to Git HTTP requests.
To configure Git HTTP rate limits:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > Network.
- Expand Git HTTP rate limits.
- Select Enable unauthenticated Git HTTP request rate limit.
- Enter a value for Max unauthenticated Git HTTP requests per period per user.
- Enter a value for Unauthenticated Git HTTP rate limit period in seconds.
- Select Save changes.
Related topics
Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support