Skip to content
Runbooks

Blocking a project causing high load

When to use this runbook: when the abuse originates from a specific GitLab project and needs to be mitigated at the application layer (Rails admin / rails console). For blocking by IP, path, or User-Agent at the edge, see the Cloudflare blocking and managing traffic runbook instead — Cloudflare is the preferred first option for blocking HTTP/S traffic.

Steps

Section titled “Steps”

  1. Start a rails console issuing the command sudo gitlab-rails console.

  2. Set the project in question to private. For example, my-namespace/my-group/my-project would be:

    project = Project.find_by_full_path('my-namespace/my-group/my-project')
    project.visibility_level = Gitlab::VisibilityLevel::PRIVATE
    project.save

  3. If that fails for some reason, navigate to the project via an admin account and disable that. For example, the URL for the example above would be:

    https://gitlab.com/my-namespace/my-group/my-project/settings/edit

    Under Permissions, click Expand, and set Project visibility from Public to Private.

  4. For good measure, you may also want to toggle the Repository button from on to off.

  5. To avoid having these settings changed by the project owner, you may also want to block the owner of the project. For example:

    project.owner.block!