Captcha and VPN.
We have a policy of utilizing utilizing a VPN. This triggers captcha on a regular basis when I browse into gitlab.com to look at my repositories and CI.
I’d like to mitigate this without discarding the VPN.
Can the IPs be whitelisted in some way?
VPN’s will always do this, more so if it is a free one. They are unlikely to be whitelisted by Gitlab, since there is no way to tell if people will misuse these services or not.
Perhaps utilise a better VPN vendor. I personally use Windscribe with a paid plan and don’t have these issues with any sites. But then I don’t access Gitlab via VPN, I access it normally. I don’t see why you would need to access Gitlab via a VPN.
It could be that the VPN exit node happens to be a source of abusive behaviour, resulting in seeing these captchas. Maybe the VPN provider allows you to control which subnets you are coming from (but that probably contradicts why you are using a VPN). I’d analyse the IP addresses and check them against public abuse lists - maybe a VPN provider change can help too.
Having a VPN ‘always on’ on our work machines is a security posture we’ve adopted, for complicated reasons. I’m the guinea pig.
Thank you for your input.
That might indeed be the solution we’re going with. Happily, we can spin up our own hosts, and utilize openvpn as a server.
I don’t see why you would need to access Gitlab via a VPN.
Anyone accessing gitlab via a public access point should use a VPN, in the airport, in the cafe, in the train, in the …
But we also use a paid VPN and face no issues logging in.
Thanks! Since cutting over to a self-hosted openvpn server, I’ve seen no problems.