This version of GitHub Enterprise Server will be discontinued on 2026-08-25. Discontinued releases are not supported. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features in GitHub Enterprise Server, see Overview of the upgrade process. For help with the upgrade, GitHub Enterprise Support.

Enabling push protection for your repository

With push protection, secret scanning blocks contributors from pushing secrets to a repository and generates an alert whenever a contributor bypasses the block.

Who can use this feature?

Repository owners, organization owners, security managers, and users with the admin role

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Advanced Security.

  4. If you have not already enabled Secret Protection, to the right of "Secret Protection", click Enable.

  5. In the "Secret Protection" section, to the right of "Push protection", click Enable.