Gitlab Server - how to remove or not expose the url .well-known/openid-configuration?

I have a gitlab server hosted on-prem, using the CE version. Recently, our security team requested us to not to expose the url /.well-known/openid-configuration. My question is how do I block this url or how should I configure gitlab so that this url is not exposed?

Solution

GitLab uses NGINX and provides a way to add custom settings in /etc/gitlab/gitlab.rb.

Maybe, adding something like this:

nginx['custom_gitlab_server_config'] = "location ^~ /.well-known/openid-configuration {\n deny all;\n}\n"

Then, reconfigure gitlab:

sudo gitlab-ctl reconfigure

See https://docs.gitlab.com/omnibus/settings/nginx.html#inserting-custom-nginx-settings-into-the-gitlab-server-block

VS Code integration with Gitlab Enterprise
How to use git rm -cached to remove tilde file
How to get a file from another repository in GITLAB and use as argument to a python script in current pipeline
How do I add a private Git repository as a submodule inside a public Git repository?
Creeating a structured wiki page in GitLab
How to add an external URL to the proxy
How do I start a gitlab-ce container via docker-compose with admin credentials already set up?
Publishing to gitlab pypi package registry for a group
RPC failed; HTTP 400 curl 22 The requested URL returned error: 400 Bad Request
Gitlab Pipeline fails Sonarqube tests which uses self signed certificate
Git/GitLab – reject commits with raw binary files instead of LFS pointer files
GitLab won't clone from repo in same project group
Host Key Verification Failed - GitLab with Visual Studio Code on macOS
ssh command -T option
Minimal .gitlab-ci.yml file for deploying a plain HTML website
Gitlab doesn't loads new ssl cert and key
How to access GitLab instance container inside the GitLab Runner container to clone the repository on the same machine?
GitLab CI&CD test coverage with jacoco
gitlab issue types and how to create new ones
Any altenatives of "gitlab-runner exec docker <job-name>" to test CI/CD locally? I get "FATAL: Command exec not found."
Deploying GitLab pages for different branches
How to completely remove old commits from Gitlab?
Gitlab CI, artefacts
Why is TF build failing with "Error refreshing state: HTTP remote state endpoint requires auth"?
Renovate how to filter out image prefix containing registry URL when trying to match images in private Azure Container Registry
Git push getting errors in both SSH and HTTPS
gitlab's invalid two-factor code
GitLab OAuth access token validity
How do I create a GitLab webhook?
How to fix: error: '<filename>' does not have a commit checked out fatal: adding files failed when inputting "git add ." in command prompt