Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
badges earned

Your Points Tracker
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Remove sensitive files from commit history

Back when I was first starting with Git, I pushed my config.php file and some unneeded cache files into the repo. I have seen that it is possible to use filter branch to remove unwanted files from history. So say I had these files I wanted to remove:

- config.php

- forums/cache/*.php

there is more, but I can figure it out when someone tells me how to do those. I am using BitBucket with SourceTree.

2 answers


take a look at this article:

What's explained there applies also to BitBucket.

My suggestion is to go directly to the BFG paragraph. It's very easy to install and to use, and automates the procedure of cleaning unwanted files from the history. After BFG step, you need to follow the instructions to purge the local git repo.

Before trying anything make a copy of the entire repo in another dir on your pc, just in case...

Pay attention to the online caches that services like GitHub and BitBucket maintains.

If what you have to delete is not sensitive data, then you can simply force push your changes online, with

git push origin master --force

and repeat it for every branch whose history BFG has rewritten. Be aware that you are rewriting history on (possibly) public branches. If you share work with others, don't do that and instead do a regular commit to delete files (and leave the history untouched).

If you DO have sensitive data to delete (passwords, keys), then you should delete and recreate the repo on bitbucket before pushing the repo after BFG.

A last word of caution: if something goes wrong and you don't have a backup, you'll lose some data.

Hi Alex,

You can ignore the sensitive files and logs files from being commited to the repository by using the git ignore feature. Refer to the following documentation on using git ignore. You can also run the command git help gitignore to view all the available commands for the git ignore function.

Here is a sample of gitignore code:


Copy the code and save it in a file with .gitignore name and place it in your root directory.

Will this will work on files that are already versioned?


Aafrin refers to the standard way to configure ignore patterns in a Git repository.

.gitignore files must be in place before you git add files. After committing, the changes will be recorded permanently in the repo, and the only way to delete them is "rewriting"history.

The approach outlined in my answer is one of the simplest, but keep in my mind that you should avoid it, unless you have strong reasons to do so (the only one I think of is when you commit really sensitive data, like passwords and keys).

When you want to remove unharmful unwanted files (like logs, executables, etc.), the best option is to do a commit that "reverts" changes. To do so, you simply delete unwanted files in your local repo, then stage the deletion and commit it the usual way.

That's what I thought. Thanks for the confirmation.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

348 views 2 10
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you