Enabling and Disabling Global Detection Rules
With Security for Bitbucket, you can disable security rules if a certain rule doesn’t fit the needs of your organization. The rules can only be enabled and disabled by Bitbucket administrators or anyone that's been granted explicit access.
To disable a rule, go to Administration → Security for Bitbucket Server → Security Validation Rules → Custom Rules. Alternatively, you may reach the configuration by clicking the gear icon on any dashboard:
![](../../__attachments/14609743930/DefiningGlobal1.png?inst-v=1b0af743-2cdd-4a08-ad47-6dd768c8f61d)
In the Project- and Repository-level Dashboards, if you are not a Bitbucket admin nor a recipient of explicit access, the gear icon will not appear.
This will take you to the Security for Bitbucket Settings page. The built-in rules area appears near the bottom as shown:
![Global rule configuration in the Security for Bitbucket settings.](../../__attachments/14609743930/Screen%20Shot%202021-10-21%20at%209.53.10%20AM-20211021-165329.png?inst-v=1b0af743-2cdd-4a08-ad47-6dd768c8f61d)
Global rule configuration in the Security for Bitbucket settings
If a scan with no vulnerabilities has been completed prior to toggling a rule, that scan will have a status of “settings changed” and be counted as “outdated” in repository and project statistics.