So I am a noob. Looking back I don't know what I was thinking. But I just realized I have uploaded my wp-config file for WordPress to GitHub. Which means my access keys and database login is out for the world to see. In the short term I have converted the repository to private. But I need to figure out how to remove the file from all of the repositories commits. I found this, https://help.github.com/articles/remove-sensitive-data/ but I am afraid that I don't quite understand it and I am not sure how to use it. I have Git Shell but I have only really used the GitHub software. Can anyone walk me through the steps to take? Or am I better off deleting the entire repository and starting over?
Asked
Active
Viewed 258 times
0
-
1Possible duplicate of [Completely remove file from all Git repository commit history](http://stackoverflow.com/questions/307828/completely-remove-file-from-all-git-repository-commit-history) – 1615903 Oct 24 '16 at 04:28
-
Also http://stackoverflow.com/q/872565/1615903 – 1615903 Oct 24 '16 at 04:29
1 Answers
1
Even if you converted it to private, it was online for a while. Check their red mean danger text:
Danger: Once you have pushed a commit to GitHub, you should consider any data it contains to be compromised. If you committed a password, change it!
Change the password, then try this repo cleaner: https://rtyley.github.io/bfg-repo-cleaner/ You'll need java. If you consider it too much work just delete and recreate the repo, but change the exposed password anyway.
Victor Hugo
- 56
- 3