Enable users to block access to git protocols at the group level
Release Post
You can now block git access protocols that you do not use at a group level. This may improve security. By default, both HTTP(S) and SSH are enabled. You can which ones you would like to be enabled under your group Settings>General>Permissions and group features>Enable git access protocols
.
Proposal
We should support the ability to block git protocols (i.e. HTTP(S) or SSH) on group level.
This helps to avoid a perceived or real security regression for users of the IP allowlisting feature when we introduce Apply GitLab SaaS IP Allowlisting for SSH (&6296 - closed). The former blocks all SSH traffic. The latter would unblock it albeit applying the IP restriction.
Edited by Robert May