Merge branch 'docs-security-dir-tier' into 'master'

Add tiers to Security product docs See merge request gitlab-org/gitlab!63571

Merge branch 'docs-security-dir-tier' into 'master'
Add tiers to Security product docs See merge request gitlab-org/gitlab!63571
026957b9 · Russell Dickenson · a4ac0577 · f98a41f3 · 026957b9 · 026957b9
Commit 026957b9 authored Jun 13, 2021 by Russell Dickenson
9 changed files
--- a/doc/security/README.md
+++ b/doc/security/README.md
@@ -6,7 +6,7 @@ comments: false
 type: index
 ---

-# Security
+# Security **(FREE)**

 - [Password storage](password_storage.md)
 - [Password length limits](password_length_limits.md)

--- a/doc/security/asset_proxy.md
+++ b/doc/security/asset_proxy.md
@@ -4,10 +4,10 @@ group: unassigned
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---

-# Proxying assets
+# Proxying assets **(FREE SELF)**

-A possible security concern when managing a public facing GitLab instance is
-the ability to steal a users IP address by referencing images in issues, comments, etc.
+A possible security concern when managing a public-facing GitLab instance is
+the ability to steal a users IP address by referencing images in issues and comments.

 For example, adding `![Example image](http://example.com/example.png)` to
 an issue description causes the image to be loaded from the external
@@ -18,7 +18,7 @@ One way to mitigate this is by proxying any external images to a server you
 control.

 GitLab can be configured to use an asset proxy server when requesting external images/videos/audio in
-issues, comments, etc. This helps ensure that malicious images do not expose the user's IP address
+issues and comments. This helps ensure that malicious images do not expose the user's IP address
 when they are fetched.

 We currently recommend using [cactus/go-camo](https://github.com/cactus/go-camo#how-it-works)

--- a/doc/security/crime_vulnerability.md
+++ b/doc/security/crime_vulnerability.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: reference
 ---

-# How we manage the TLS protocol CRIME vulnerability
+# How we manage the TLS protocol CRIME vulnerability **(FREE SELF)**

 [CRIME](https://en.wikipedia.org/w/index.php?title=CRIME&oldid=692423806) is a security exploit against
 secret web cookies over connections using the HTTPS and SPDY protocols that also

--- a/doc/security/information_exclusivity.md
+++ b/doc/security/information_exclusivity.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: concepts
 ---

-# Information exclusivity
+# Information exclusivity **(FREE)**

 Git is a distributed version control system (DVCS). This means that everyone
 who works with the source code has a local copy of the complete repository.

--- a/doc/security/project_import_decompressed_archive_size_limits.md
+++ b/doc/security/project_import_decompressed_archive_size_limits.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: reference, howto
 ---

-# Project Import Decompressed Archive Size Limits
+# Project import decompressed archive size limits **(FREE SELF)**

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31564) in GitLab 13.2.
 > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63025) in GitLab 14.0.

--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: reference, howto
 ---

-# Rack Attack initializer
+# Rack Attack initializer **(FREE SELF)**

 [Rack Attack](https://github.com/kickstarter/rack-attack), also known as Rack::Attack, is a Ruby gem
 that is meant to protect GitLab with the ability to customize throttling and

--- a/doc/security/rate_limits.md
+++ b/doc/security/rate_limits.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: reference, howto
 ---

-# Rate limits
+# Rate limits **(FREE SELF)**

 NOTE:
 For GitLab.com, please see

--- a/doc/security/unlock_user.md
+++ b/doc/security/unlock_user.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: howto
 ---

-# How to unlock a locked user from the command line
+# How to unlock a locked user from the command line **(FREE SELF)**

 After ten failed login attempts a user gets in a locked state.


--- a/doc/security/webhooks.md
+++ b/doc/security/webhooks.md
@@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: concepts, reference, howto
 ---

-# Webhooks and insecure internal web services
+# Webhooks and insecure internal web services **(FREE SELF)**

 NOTE:
 On GitLab.com, the [maximum number of webhooks and their size](../user/gitlab_com/index.md#webhooks) per project, and per group, is limited.