Rate limits on Git HTTP

Tier: Free, Premium, Ultimate Offering: Self-managed, GitLab Dedicated

History

Introduced in GitLab 17.0.

If you use Git HTTP in your repository, common Git operations can generate many Git HTTP requests. Some of these Git HTTP requests do not contain authentication parameter and are considered unauthenticated. You can enforce rate limits on Git HTTP requests. This can improve the security and durability of your web application. General user and IP rate limits aren’t applied to Git HTTP requests.

Configure Git HTTP rate limits

Git HTTP rate limits are disabled by default. If enabled and configured, these limits are applied to Git HTTP requests.

To configure Git HTTP rate limits:

On the left sidebar, at the bottom, select Admin Area.
Select Settings > Network.
Expand Git HTTP rate limits.
Select Enable unauthenticated Git HTTP request rate limit.
Enter a value for Max unauthenticated Git HTTP requests per period per user.
Enter a value for Unauthenticated Git HTTP rate limit period in seconds.
Select Save changes.

Help & feedback

Docs

Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.

Product

Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Join First Look to help shape new features.

Feature availability and product trials

View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.

Get Help

If you didn't find what you were looking for, search the docs.

If you want help with something specific and could use community support, post on the GitLab forum.

For problems setting up or using this feature (depending on your GitLab subscription).

Request support

Rate limits on Git HTTP

Configure Git HTTP rate limits

Related topics

Help & feedback

Docs

Product

Feature availability and product trials

Get Help