Commit afec996c authored by Sid Sijbrandij's avatar Sid Sijbrandij

Give more security information

parent ac5b7ce8
Pipeline #82788 passed with stages
......@@ -136,7 +136,7 @@ extra_js:
<div class="row security">
<div class="col-xs-1 col-md-1"></div>
<div class="col-xs-12 col-md-6">
<h2>Availability/Security</h2>
<h2>Availability and Security</h2>
<ul>
<li>GitLab.com is monitored 24/7. For updates follow <a href="https://twitter.com/gitlabstatus">@gitlabstatus</a>
or see our <a title="status" href="http://status.gitlab.com/">status page</a>.</li>
......@@ -153,6 +153,8 @@ extra_js:
</li>
</ul>
</li>
<li>Our servers are hosted on Amazon Web Services (AWS) and Azure, we use configuration management and patch our servers at least once a week.</li>
<li>GitLab offers [2 factor authentication](https://about.gitlab.com/2015/05/22/gitlab-7-11-released/) (2FA) and our passwords are one-way encrypted.</li>
</ul>
</div>
<div class="hidden-xs hidden-sm col-md-4">
......
  • +1 thanks for documenting @sytses

  • @sytses @jacobvosmaer I think he wants something more.

    Who has access to the data? Are the backups encrypted? (Assuming there are backups...?)

    Take a look at the github page he linked: https://help.github.com/articles/github-security/
    I think we should have something similar to that.
    Some basic information in the index page (what you did already) and some more detailed informations on a seperate page.

  • @haynes I understand that, but we're switching backup methods and I don't want to have inaccurate information on the page. We won't be listing as much as GitHub, since we're IaaS based I'm not sure our datacenter is in an unmarked building :) But feel free to send MR's with other relevant information if you want to.

  • @sytses, how about now? It's been about a year since you said you're switching backup methods; done now? :)

    I would be interested in seeing a dedicated "Security" page similar to the GitHub page linked to by @haynes.

  • @sytses, I'm also very interested in this - for the same reasons as the original forum poster and @mike.weilgart + @haynes. I just got a home server, and I'm looking to either use GitLab.com or host it privately. I use a privately hosted GitLab at work, and I really love it.

    Any updates would be great :]

Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment