Enforce rate limit per IP on /users/sign_up
What does this MR do and why?
This MR enforces a rate limit per IP address on the /users/sign_up
endpoint. This is to mitigate attempts to misuse the endpoint, for example to mass-discover usernames/emails in use. It refers to https://gitlab.com/gitlab-org/gitlab/-/issues/339151
Rollout issue for the feature flag: #349843 (closed)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Magdalena Frankiewicz