Access control for GitHub Pages

GitHub Pages now gives you the option to limit access, making the site visible only to users with access to the repository that published the Page. With access control, you can use GitHub Pages to publish and share internal documentation and knowledge across your enterprise.

As part of this release, we are introducing the following capabilities:

  • Repo admins can select whether GitHub Pages sites are publicly visible or limited to users who have access to the repository.
  • Both private and internal repositories support private visibility. With an internal repository, everyone in your enterprise will be able to view the Page with the same credentials they use to login to github.com
  • Org admins can configure the visibility options that members will be able to select for their Page. For example, you can enforce that your members can only publish content privately.

This feature is generally available today on GitHub Enterprise Cloud. To enable access control on Pages, navigate to your repository settings, and click the dropdown menu to toggle between public and private visibility for your site.

Private publishing for GitHub Pages

For questions, visit the GitHub pages community

On February 15th, GitHub Actions will remove support for referencing actions using the shortened version of a git commit SHA. This may cause some workflows in your repository to break. To fix these workflows, you will need to update the action reference to use the full commit SHA.

For example, if your workflow references actions/checkout@5a4ac90, you should change it to actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f. You can find the full commit SHA in the referenced action's repository.

This change is being made to align product functionality with our published security guidance

See more