gitlab open return 403.
The reason is that the login account and password is brute force tool has been trying to log on, resulting in gitlab explosion mechanism is activated, and because it is used docker built gitlab, using nginx did forward, resulting in gitlab considered to be within the IP network continues the attempt to log in and overrun, the internal network IP did ban, so the appearance of the external network is that all users can log in and returned 403 forbidden.
Solution
Gitlab use the built-in command to see how much of banned IP is: / opt / gitlab / embedded / bin / redis-cli -s /var/opt/gitlab/redis/redis.socket keys' * '| grep' rack :: attack '
解除封禁: /opt/gitlab/embedded/bin/redis-cli -s /var/opt/gitlab/redis/redis.socket keys '*' | grep 'rack::attack' | xargs /opt/gitlab/embedded/bin/redis-cli -s /var/opt/gitlab/redis/redis.socket DEL
The above method can temporarily handle it, you want to solve this problem, still need to be shielded from the IP anomalies from nginx proxy layer.