Log message whenever 403 occurs due to too many IPs from one user

What does this MR do and why?

GitLab returns 403 errors when a user hits the IP limits when the IP address restriction feature is enabled (https://docs.gitlab.com/administration/reporting/ip_addr_restrictions/). Previously it was difficult to determine whether the 403 came from Rack Attack, a real authentication failure, or this IP address restriction. Log a message to make it easier to ascertain what happened.

References

Relates to #549532 (closed)

How to set up and validate locally

  1. Follow the instructions in https://docs.gitlab.com/administration/reporting/ip_addr_restrictions/#configure-ip-address-restrictions to set up IP restrictions.
  2. CAUTION: You may get locked out of the system for a minute. You can always modify the Rails console or delete the Redis key (del user_unique_ips:<user id>). Set the number of IPs to 2 for testing and lower the expiration time for a minute.

  3. Then use another IP (e.g. from a VPN or mobile) to log in or clone. In /var/log/gitlab/gitlab-rails/auth_json.log, you should see a message like:

     {"severity":"ERROR","time":"2025-06-27T22:25:05.205Z","correlation_id":"01JYSQX3N7SFEX6RS072SDB0C1","message":"too_many_ips","remote_ip":"x.x.x.x","unique_ips_count":4,"user_id":1}

     If the runner attempts to clone, you might see:

     {"severity":"ERROR","time":"2025-06-29T04:28:21.682Z","correlation_id":"01JYWZ30848Y5AETFH48THC1JT","meta.caller_id":"Repositories::GitHttpController#info_refs","meta.feature_category":"source_code_management","message":"too_many_ips","remote_ip":"x.x.x.x","unique_ips_count":3,"user_id":1}

  4. Restore your original settings.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Stan Hu
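
The following is an added example, not part of the merge request or of GitLab's code: it groups the too_many_ips entries from auth_json.log by user_id, so that 403s caused by the IP address restriction can be reviewed per account. The sample lines are constructed in the shape quoted above, and the function name summarize_too_many_ips is an assumption of this example.

```ruby
require 'json'
require 'set'

# Constructed sample input in the auth_json.log shape quoted above. The IPs are
# documentation-range addresses and the correlation IDs are placeholders.
SAMPLE_LOG = <<~'LOG'
  {"severity":"ERROR","time":"2025-06-27T22:25:05.205Z","correlation_id":"SAMPLE-1","message":"too_many_ips","remote_ip":"192.0.2.10","unique_ips_count":3,"user_id":1}
  {"severity":"ERROR","time":"2025-06-27T22:25:09.000Z","correlation_id":"SAMPLE-2","meta.caller_id":"Repositories::GitHttpController#info_refs","message":"too_many_ips","remote_ip":"198.51.100.7","unique_ips_count":4,"user_id":1}
  {"severity":"ERROR","time":"2025-06-27T22:26:00.000Z","correlation_id":"SAMPLE-3","message":"too_many_ips","remote_ip":"203.0.113.5","unique_ips_count":3,"user_id":42}
  {"severity":"INFO","time":"2025-06-27T22:26:01.000Z","message":"some other auth event","user_id":7}
  this line is not JSON
LOG

# Groups too_many_ips events by user_id. `source` is anything with #each_line
# (a String or an open File). Non-JSON lines and other messages are skipped.
def summarize_too_many_ips(source)
  summary = Hash.new do |hash, user_id|
    hash[user_id] = { events: 0, remote_ips: Set.new, callers: Set.new,
                      max_unique_ips: 0, first_seen: nil, last_seen: nil }
  end
  source.each_line do |line|
    entry = begin
      JSON.parse(line)
    rescue JSON::ParserError
      next
    end
    next unless entry.is_a?(Hash) && entry['message'] == 'too_many_ips'

    user = summary[entry['user_id']]
    user[:events] += 1
    user[:remote_ips] << entry['remote_ip'] if entry['remote_ip']
    # meta.caller_id is only present on some requests (e.g. Git over HTTP).
    user[:callers] << entry['meta.caller_id'] if entry['meta.caller_id']
    user[:max_unique_ips] = [user[:max_unique_ips], entry['unique_ips_count'].to_i].max
    # ISO 8601 UTC timestamps of equal precision sort correctly as strings.
    user[:first_seen] = [user[:first_seen], entry['time']].compact.min
    user[:last_seen] = [user[:last_seen], entry['time']].compact.max
  end
  summary
end

if __FILE__ == $PROGRAM_NAME
  summarize_too_many_ips(SAMPLE_LOG).each do |user_id, s|
    puts "user_id=#{user_id} events=#{s[:events]} max_unique_ips=#{s[:max_unique_ips]} " \
         "ips=#{s[:remote_ips].to_a.join(',')} callers=#{s[:callers].to_a.join(',')}"
  end
end
```

To run it against a real instance, pass an open File for /var/log/gitlab/gitlab-rails/auth_json.log instead of SAMPLE_LOG.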
