Logs: Record username when rate limiting triggered


Problem to solve

It is common for multiple users to share a single IP address. For example, a company will often have a single IP address shared by all the employees in the office. Because GitLab's rate limiting is IP-based, if anything triggers rate limiting on that shared IP address, all the users will be affected.

This was a problem for at least one specific customer: "SaaS customer engaged support because they were unable to log in to GitLab.com because of rate limiting on the user login endpoint, which is protected. As the customer's developers are in a corporate network, they all have the same IP. An internal process was trying to log in with an invalid user account, thus causing the rate limiting for all users. GitLab support was unable to provide which user was responsible for this issue, thus could not provide helpful support to the customer." See the original report.

Proposal

The "Rack_Attack" entry stored in auth.log should include the username when the throttled request is 1) authenticated or 2) an attempt to log in; otherwise it should record the username as "unknown".
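As an added illustration (not GitLab's code, nor Rack::Attack's), the block below shows how a throttle hook could build the proposed auth.log entry: the username is taken from the authenticated Warden user when there is one, otherwise from the login field of the sign-in form, otherwise it is recorded as "unknown". It assumes that Warden exposes the current user at `env['warden']`, that the sign-in form posts its login as `user[login]`, and that the entry fields mirror common Rack::Attack throttle logging; the request data is constructed inline. Only the login is copied into the entry, never the password field, and the request body is rewound after reading so the application can still consume it.

```ruby
require 'json'
require 'stringio'
require 'uri'

# Added example (not GitLab's or Rack::Attack's code): build the proposed
# "Rack_Attack" auth.log entry and attach the username of the request that
# tripped the throttle. Username resolution order:
#   1) authenticated user, read from the Warden proxy in env['warden'] (assumed)
#   2) login attempt, read from the sign-in form's login field (name assumed below)
#   3) otherwise the literal "unknown"

LOGIN_PARAM = 'user[login]'.freeze # assumed name of the sign-in form's login field

# Resolve the username behind a request, or "unknown" if none can be determined.
def rack_attack_username(env)
  # 1) Authenticated session: Warden exposes the current user via #user.
  warden = env['warden']
  if warden.respond_to?(:user)
    user = warden.user
    return user.username if user.respond_to?(:username)
  end

  # 2) Login attempt: the username is in the urlencoded POST body. Read it and
  #    rewind so the application downstream can still consume the body.
  body = env['rack.input']
  if body.respond_to?(:read)
    raw = body.read.to_s
    body.rewind if body.respond_to?(:rewind)
    params = URI.decode_www_form(raw).to_h
    login = params[LOGIN_PARAM].to_s.strip
    return login unless login.empty? # only the login; the password field is never copied
  end

  'unknown'
end

# Build the structured log entry. Field names follow the shape of common
# Rack::Attack throttle logging but are an assumption here, not GitLab's schema.
def rack_attack_log_entry(env, matched:, discriminator:)
  {
    message: 'Rack_Attack',
    env: 'throttle',
    remote_ip: env['REMOTE_ADDR'],
    request_method: env['REQUEST_METHOD'],
    path: env['PATH_INFO'],
    matched: matched,
    discriminator: discriminator,
    username: rack_attack_username(env)
  }
end

def rack_attack_log_line(env, matched:, discriminator:)
  JSON.generate(rack_attack_log_entry(env, matched: matched, discriminator: discriminator))
end

# --- Constructed sample requests (stubs standing in for Warden and a user) ---
FakeUser = Struct.new(:username)
FakeWarden = Struct.new(:user)

def sample_env(method:, path:, remote_ip:, warden_user: nil, body: nil)
  env = { 'REQUEST_METHOD' => method, 'PATH_INFO' => path, 'REMOTE_ADDR' => remote_ip }
  env['warden'] = FakeWarden.new(warden_user) if warden_user
  env['rack.input'] = StringIO.new(body) if body
  env
end

# Three requests from one shared corporate address, as in the report above.
SHARED_IP = '203.0.113.10' # constructed address (TEST-NET-3)

SAMPLE_REQUESTS = [
  # an authenticated browser session
  [sample_env(method: 'GET', path: '/dashboard', remote_ip: SHARED_IP,
              warden_user: FakeUser.new('alice')), 'throttle_authenticated_web'],
  # a misconfigured internal process failing to sign in with an invalid account
  [sample_env(method: 'POST', path: '/users/sign_in', remote_ip: SHARED_IP,
              body: 'user[login]=svc-deploy-old&user[password]=hunter2'), 'throttle_unauthenticated'],
  # an anonymous request carrying no identity at all
  [sample_env(method: 'GET', path: '/explore', remote_ip: SHARED_IP), 'throttle_unauthenticated']
].freeze

if $PROGRAM_NAME == __FILE__
  SAMPLE_REQUESTS.each do |env, matched|
    puts rack_attack_log_line(env, matched: matched, discriminator: SHARED_IP)
  end
end
```

With the username in the entry, support can see that the second request (the failing `svc-deploy-old` login) is what exhausted the shared IP's budget, while the first and third entries show the bystanders it affected.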

This proposal was extracted from another issue.
