Back to GitHub Support Contact GitHub

GitHub for Business - page 3

GitHub Enterprise 2.4 is now available

GitHub Enterprise is the on-premises version of GitHub, which you can deploy and manage in your own, secure environment. The GitHub Enterprise 2.4 release offers users and administrators greater control over their instance—and their workflows. From protected branches to simplified asset management, our latest release includes features and updates that make GitHub more flexible.

Protected branches and required statuses

With protected branches, administrators now have the ability to disable force pushes to specific branches. Required status checks on protected branches make integrations that use our Status API enforceable, and you can disable the merge button until they pass.

Improved organization permissions

Improved permissions give your organization the flexibility to work the way you want. New customizable member privileges, fine-grained team permissions, managed access, and transparent communication with team mentions make it even easier for your team to work together. Learn more about GitHub’s improved organization permissions.

Easier asset management with Git Large File Storage

With the inclusion of Git LFS you can integrate large binary files into your Git workflow. Large files are stored on your server and the custom API allows you to transfer any number of files with ease. Learn more about Git LFS.

More flexibility with GitHub Pages

Your GitHub Pages sites can be public even if your Enterprise instance is private. With the new jekyll-feed plugin, you can automatically generate an Atom (RSS-like) feed of your most recent posts, making it easier for people to subscribe. Learn more about easier feeds for GitHub Pages.

Keep your instance current

Ensure your GitHub Enterprise instance is up-to-date with new features, security patches, and bug fixes by opting in to automatic downloads of new releases, which you can then apply from the management console.

Render map data within GitHub Enterprise

With GeoJSON support, any GeoJSON file in a GitHub repository will now be automatically rendered as an interactive, browsable map, annotated with your geographic data. You can even customize the way your data is displayed, such as coloring and sizing individual markers, or specifying a more descriptive icon.

Merge with confidence

The area above the merge button now contains information on automated status checks, making it easier to see if your proposed changes are ready to go or need more work.

Universal 2nd Factor authentication

Earlier this month we announced that we expanded GitHub’s authentication system to support FIDO Universal 2nd Factor (U2F), and this security feature is now available with the GitHub Enterprise 2.4 release. Read more about how U2F keys work or take a look at the documentation to learn how to associate a U2F key with your instance.

For the full list of features and updates, check out the release notes. If you’re currently using GitHub Enterprise, you can download this release now. If you want to give GitHub Enterprise a try, request a 45-day free trial.

GitHub Enterprise security best practices

We want to free up your administrator’s time by providing a tool that requires little maintenance and great out-of-the-box security. By following a few simple steps, GitHub Enterprise can be ready for your developers to test the same day it you install it.

Sometimes in the excitement to get up and running, it is easy to pass over simple solutions for security. This post will guide you through some of the settings GitHub Enterprise provides to ensure your company’s installation is secure without inhibiting collaboration. We will also discuss monitoring and auditing tools that give greater insight into the health and security of your installation.

Initial instance setup

Instance password

The password for the Enterprise Management Console, as shown in step #8 of this guide, is the main gateway to administer GitHub Enterprise. This shared password gives a user unfettered access to the GitHub Enterprise environment, so we recommend that you only share it with a select few individuals and save it in an encrypted vault such as 1Password or a similar password management tool. Using this password, you can establish SSH keys through the /setup page in GitHub Enterprise. After setting up a key, an administrator can SSH into the GitHub Enterprise instance and gain access to all the ghe- command line utilities available.

Private Mode


In the /setup page of GitHub Enterprise you will find a setting that enables Private Mode. With this setting enabled, GitHub Enterprise hides all content from users who are not authenticated, including public repositories.

Enabling Private Mode is required for GitHub Enterprise instances that are accessible to users outside of the firewall without a VPN. This helps to ensure a user does not inadvertently make a repository public externally that should remain private within a company.

If your GitHub Enterprise install is only available from a VPN outside of your firewall Private Mode does not need to be turned on. This lets unauthenticated people within the firewall view public repositories and public GitHub Pages.

Subdomain isolation


We strongly recommend that everyone turn on subdomain isolation for their GitHub Enterprise instance. Subdomain isolation securely separates user-supplied content from other portions of your GitHub Enterprise appliance, which mitigates cross-site scripting and other related vulnerabilities. You can make these changes by creating a wildcard DNS entry or by whitelisting each subdomain individually. A full list of these subdomains is available in the link above.

Improved monitoring

If you navigate to the /setup/monitor page in GitHub Enterprise you will notice GitHub Enterprise now ships (as of Enterprise version 2.3) with more graphs to monitor activity on the instance. This permits an administrator to spot suspicious activity and maintain stability in the environment.

Another feature that helps you keep GitHub Enterprise secure is the audit log, which is available at the /stafftools/audit_log endpoint. It records actions that are occurring and makes them visible to a site administrator. These audit logs reveal what action occurred (for instance, a user login), who performed the action, and the IP address of the request. This gives you great visibility into what is happening on an instance level.


Certain authentication methods provide additional levels of security and control. Two we’ll highlight here are restricted user groups and universal two-factor authentication.

Restricted user groups

Both LDAP Sync and SAML with Okta allow GitHub Enterprise administrators to segment users and fine-tune control of GitHub Enterprise. In addition to securing your instance, these tools let you control the number of licensed seats in use at any given time.

LDAP Sync permits an administrator to set up a Restricted Group (in Active Directory, for example) that limits access to GitHub Enterprise to only users found in that group.


SAML with Okta lets an administrator control access to GitHub Enterprise by setting it up as an “application” and assigning users to that application to give them access.

With fine tuned controls over who can access the instance, and great reporting from those tools about group membership, an administrator can feel confident in both controlling and monitoring access.

Universal second factor authentication

In partnership with Yubico, GitHub also supports Universal Second Factor Authentication (U2F). If you are not using GitHub’s built in authentication in your instance, however, your identity management provider must provide U2F.

We strongly encourage companies and individuals to reach out to their identity providers and request support for U2F if it is not yet supported.

Organizational security options

GitHub’s revamped organizations and teams are another way to secure your GitHub Enterprise installation. Administrators of GitHub Enterprise will now have the ability to set access levels for a team on a per repository basis. This granularity will reduce the number of teams that administrators must set up and maintain.

Any questions, don’t hesitate to reach out

If you are administering GitHub Enterprise for your team, putting these best practices into play is a great step toward ensuring that your instance stays healthy, secure, and as easy to maintain as it was to install. For a deeper dive into securing your GitHub Enterprise installation, check out this recording from GitHub Universe.

If you have any questions about securing your GitHub Enterprise installation you can reach out to to get clarifications or help.

The GitHub Services team is happy to help get you up and running with GitHub Enterprise. We can help you get GitHub Enterprise deployed quickly while following the best practices for security, availability and redundancy. If you would like to learn more about how we can help, don’t hesitate to reach out to

GitHub Enterprise 2.3 is now available

GitHub Enterprise 2.3 offers users and administrators greater control over their instance—and their workflows. From expanded monitoring to a hi-fidelity migration tool, our latest release includes features, APIs, and ongoing security updates that make GitHub more flexible and secure.

New Administrator APIs

New enterprise-only APIs give administrators more flexibility when setting up and provisioning new accounts, as well as when listing details about their users and organizations. You can check out the full list of APIs included in GitHub Enterprise 2.3 the release notes.

Simpler migrations

Whether you’re consolidating GitHub Enterprise instances or moving your organization from, the ability to easily migrate data is important. To simplify this process, you can now use ghe-migrator—a hi-fidelity tool for migrating repositories and all of their supporting data from one GitHub instance to another.

Advanced monitoring

With more ways to monitor your instance, your team can react to small issues before they get bigger. Administators can now see the current state of queues for background jobs and emails, along with more extensive request metrics and additional dashboard information for MySQL, Redis, and ElasticSearch.

Filter pull requests by status

You can sort pull requests by the status of commits with the status: filter—giving you greater control over an important part of the development process. This works especially well if you’re using The Status API or an integration service that does.

And more

  • Outbound HTTP proxies for third party tools and services
  • Previewing for comments
  • Better RSA key validations that prevent weak SSH keys
  • Read-only deploy keys
  • Referrer sanitization

For the full list of features and updates, check out the release notes. If you’re currently using GitHub Enterprise, you can download this release now. If you want to give GitHub Enterprise a try, request a 45-day free trial.

Announcing GitHub Enterprise 2.1.0


It’s a new year and we couldn’t think of a better way to start it off than with a new release of GitHub Enterprise. We’ve included a number of highly-requested features, along with some of the best stuff recently shipped on - all to give developers and admins the best tools to build and ship software at work.

Let’s talk about some of the features you’ll find in this release.

Automate user and team management with LDAP Sync

Many of you have told us that you want it to be easier to use GitHub Enterprise with LDAP, especially for organizations managing lots of users. With this release, GitHub Enterprise integrates with your LDAP directory more deeply than ever before, automating identity and access management for your organization. This means you can provision and deprovision user accounts in GitHub Enterprise directly from LDAP with user sync, and automatically grant users access to repositories with team sync. While we were at it, we also improved LDAP performance across the board, increasing reliability and throughput.

Deploy GitHub Enterprise on OpenStack KVM

One of our goals with last year’s rebuild of GitHub Enterprise was to make it available in more of the environments where you want to run it, whether you’re managing your infrastructure on servers you own or on an internal cloud-based platform. That’s why we’re excited to announce that with this release, GitHub Enterprise is available on OpenStack KVM, in addition to Amazon Web Services and VMware. If your tech stack is built on KVM, you can now easily set up GitHub Enterprise and integrate with other parts of your internal system.

Audit all user actions across your instance

The Organization Audit Log that shipped with the November release of GitHub Enterprise has now been expanded to the instance level, giving administrators a skimmable and searchable record of every action performed across GitHub Enterprise in the past 90 days. Events like repository creation, team deletion, the addition of webhooks, and more are surfaced in a running log, along with information about who performed the action and when it occurred. These events can be filtered for deeper analysis, and you can create a wide range of custom search queries to make sure you’re always aware of what’s taking place on your instance.


Monitor the performance of GitHub Enterprise

If you’re administering GitHub Enterprise, you should be able to identify whether your instance is performing correctly and quickly locate what’s wrong when it isn’t. With the new Instance Monitoring Dashboard, you now can. With data displayed for things like data disk usage, memory, CPUs, and more, you’ll be able to answer questions like:

  • Are my users experiencing errors?
  • Are things fast or slow for my users?
  • What is a typical traffic pattern? What is abnormal?
  • Should I upgrade CPU, memory, or IO to improve the performance of my instance?
  • When should I plan to increase my disk space given my current growth rate?


Even more betterness

GitHub Enterprise 2.1.0 also includes:

To see the full list of features and bug fixes, check out the release notes for GitHub Enterprise 2.1.0.

Take 2.1.0 for a spin

If you’re an existing GitHub Enterprise customer, you can download the latest release from the GitHub Enterprise website. If you want to give GitHub Enterprise a try, start a 45-day free trial on OpenStack KVM, AWS, or VMware.

The story behind the new GitHub Enterprise

Today we’re releasing the fastest and most flexible version of GitHub Enterprise ever, including high availability and disaster recovery options, dramatically improved LDAP and SAML integration, major improvements to features like code review and project management, and support for deploying on Amazon Web Services.


We’re proud to share this release with you not just because it’s our finest work yet, but because it represents a major milestone in our mission to change the way the world builds software together.

Over seven million people and hundreds of thousands of organizations are working together on over 17 million repositories on, but that only begins to scratch the surface. With this release of GitHub Enterprise we’re making social coding available to anyone who wants to host code in their AWS-powered cloud, while also shipping a better product experience for the thousands of administrators and developers already using GitHub Enterprise daily.

When GitHub launched in 2008, it was all about sharing. You could quickly sign up for an account and share your open source with the world, or, purchase private repositories and control precisely who has access to your source code. But our goal wasn’t workflow or collaboration - it was making it easy to share your git repositories with others.

As GitHub grew we saw the power in working together. This led us to create Organizations in 2010: group accounts which allow open source projects, non-profits, schools, governments, companies, and teams of all kinds to create a presence on GitHub and more easily build software together. Our focus expanded from simply publishing git repositories to helping people build software together.

People quickly created thousands of Organization accounts, but the feedback from larger organizations was resounding: they loved features like Pull Requests, yet many wanted data isolation for their code and support for enterprise-level features such as integration with their authentication system. This led us to create GitHub Enterprise, a VM-based on-premises version of GitHub we released in November 2011.

In the three years since that release, we’ve seen GitHub Enterprise change the way entire companies build software together. We’ve witnessed cultures evolve, companies thrive, and developers rave about how GitHub has changed their workflow. But we’ve also spent countless hours talking to our customers about how we can improve, and we’ve taken that feedback seriously.

Today’s release is the culmination of months of hard work to make GitHub Enterprise more accessible to more people and even better for our current customers. Whether you’re hacking on open source on or coding the next version of your company’s Android app using GitHub Enterprise, our goal is to help you build better software.

We hope you love this release as much as we do.


Discover new ways to build better

Try Marketplace apps free for 14 days

Learn more