<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=883) </details> <!--IssueSummary end--> **Content Prohibited via Regex** Using Push Rules, allow regex for prohibited content, just as you do with prohibited file names. For instance, block use of the `exec` function in `php` files with something like `/exec\s?(/`. And it might be a good idea to limit rules by filetype or only when there is also a filename regex match, because the same string is harmless in many other files. Admittedly, this functionality may be better suited to a build system, however, the push rules are better suited to smaller projects that don't have or require a build system. **Prohibited Keys** Along the same lines, it would be nice to set certain keys/passwords should not be allowed to be pushed. like a Paypal API key, a database password, etc. I imagine this is similar in functionality to creating _Personal Access Tokens_. You can give the key a recognizable name, but you can never view/retrieve/modify the key once created. Logistically, this may be difficult to implement. You can't store the key as a hash, because you need to be able to compare the original string to the file content. So, perhaps encrypt them with a project-specific key?