Feature Proposal (SECURITY): Allow to add code at the beggining of the `server` block (instead of only the end)
Description
I have a GitLab-ce on Digital Ocean like a lot of people. However, there are some script kiddies that scan every single IP address that DigitalOcean owns and then when they find a Gitlab, they start to rattle all the entry doors and mess with everything they touch (such as creating empty accounts and empty projects if the feature is not disabled).
Proposal
What I need to do is to disallow connections that don't know the real domain name of the server.
I was trying to apply Rolf’s solution (https://serverfault.com/a/787501/448714) in the gitlab.rb file using these instructions (https://serverfault.com/a/787501/448714), but it didn’t work, because Gitlab added the code at the end of the Nginx server block instead of the beggining.
Links / references
Edited by Matt