GitLab | AI bot blocker (#122)
Amar Takhar (@amar)
gitlab at rtems.org
Fri Mar 13 20:57:51 UTC 2026
Amar Takhar created an issue: https://gitlab.rtems.org/administration/gitlab/-/issues/122
Our GitLab instance is being hammered by AI bots for now we've limited requests to the following URLs:
* `/.*/-/commit/.*`
* `/.*/-/blob.*`
* `/.*/-/graphs/.*`
* `/.*/-/tree.*`
* `/.*/-/blame.*`
* `/.*/-/raw.*`
* `/.*/-/netowrk.*`
* `/.*/-/compare.*`
There is a bypass now added (2026-03-13) that skips certain internal IP addresses to avoid being throttled this should fix CI.
On the TODO is fixing the bypass for users that are logged in. Unfortunately there does not seem to be a stable cookie to use so I'll have to query the session cookie for logged in users in order for the bypass to work. Those are stored in Redis and will be handled eventually.
All of this runs in NGINX written in Lua.
--
View it on GitLab: https://gitlab.rtems.org/administration/gitlab/-/issues/122
You're receiving this email because of your account on gitlab.rtems.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/bugs/attachments/20260313/478b36d6/attachment.htm>
More information about the bugs
mailing list