block /webhook/ on irc bot
the irc bot has /webhook/ wide open to the world right now, and without a password. block the /webhook/ route in nginx and restrict it to the gitlab host.
the irc bot has /webhook/ wide open to the world right now, and without a password. block the /webhook/ route in nginx and restrict it to the gitlab host.