This version of GitHub Enterprise will be discontinued on This version of GitHub Enterprise was discontinued on 2020-05-23. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Article version: Enterprise Server 2.17

Preventing users from changing anonymous Git read access

You can prevent repository administrators from changing anonymous Git read access to a repository or to all repositories.

In this article

Note: If you enable anonymous Git read access, you're responsible for all access and use of this feature. GitHub will not be responsible for any unintended access or misuse of the feature. Also, you may not use this feature to violate your license from GitHub, including the limit on the number of user licenses you've ordered from us.

To prevent repository administrators from changing the anonymous Git read access settings for a specific repository, you can lock the repository's access settings. After you lock a repository's Git read access setting, only a site administrator can change the setting.

A repository administrator can change the anonymous Git read access for a public repository if it's not a fork. For more information, see "Allowing admins to enable anonymous Git read access to public repositories."

To see the repositories with anonymous Git read access enabled, filter the repositories list in the site admin dashboard.

Preventing users from changing anonymous Git read access for a repository

  1. In the upper-right corner of any page, click .
    Rocketship icon for accessing site admin settings
  2. In the search field, type the name of the repository and click Search.
    Site admin settings search field
  3. In the search results, click the name of the repository.
    Site admin settings search options
  4. In the upper-right corner of the page, click Admin.
    Admin Tools
  5. In the left sidebar, click Admin.
    Admin Tools
  6. Under "Danger Zone", select Prevent repository admins from enabling anonymous Git read access.
    Select checkbox to lock repository from changing its anonymous Git read access setting

Preventing users from changing anonymous Git read access for all repositories

  1. In the upper-right corner of any page, click .
    Rocketship icon for accessing site admin settings
  2. In the left sidebar, click Enterprise.
    Enterprise tab in the Site admin settings
  3. In the enterprise account sidebar, click Settings.
    Settings tab in the enterprise account sidebar
  4. Under " Settings", click Options.
    Options tab in the enterprise account settings sidebar
  5. Under "Anonymous Git read access", confirm that the setting is enabled, then select Prevent repository admins from changing anonymous Git read access.
    Select checkbox to globally lock repository from changing its anonymous Git read access setting

Ask a human

Can't find what you're looking for?

Contact us