
An ounce of prevention is worth a pound of cure #3

Open
wants to merge 8 commits into
base: master
19 changes: 19 additions & 0 deletions Leak Mitigation Checklist.md
Expand Up @@ -13,6 +13,13 @@ Examples of sensitive information:
If someone else leaked confidential information related to you or your company on GitHub, you may ask GitHub to perform a [DMCA takedown](https://help.github.com/articles/dmca-takedown-policy/#f-submitting-notices).

# Table of contents
[0. How to prevent exposing keys and sensitive information](#0-how-to-prevent-exposing-keys-and-sensitive-information)

* [0.1 Adding a .gitignore file to your code](#01-adding-a-gitignore-file-to-your-code)

* [0.2 Add sensitive files to the list](#02-add-sensitive-files-to-the-list)

* [0.3 Making your app work without keys in the code](#03-making-your-app-work-without-keys-in-the-code)

[1. General advice](#1-general-advice)
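Review bot: the new section-0 headings use a different numbering style from the existing ones: the entries added here read "0.1 Adding a .gitignore file to your code" while the existing headings read "1.1. :warning: First thing first", with a trailing period after the number. Please pick one style for the new "0.", "0.1", "0.2" and "0.3" headings and their table-of-contents entries; since GitHub strips punctuation when it builds heading anchors, the `#01-adding-a-gitignore-file-to-your-code` style links keep working either way, but the headings and the list should still read consistently.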

Expand All @@ -30,6 +37,18 @@ If someone else leaked confidential information related to you or your company o

[3. Any question?](#3-any-question)

# 0. How to prevent exposing keys and sensitive information
Before your first push to a repo, add this simple step to your workflow, which should avoid you having to backtrack and endure the embarrassment. That step is to add a .gitignore file to your code before you push for the first time. The process is simple and will prevent headaches for you and other developers of your project in the future.

## 0.1 Adding a .gitignore file to your code
Create a new file named .gitignore and save it in the root of your project. This can be done via the terminal or in Finder/Explorer/Linux file manager as needed. The file must have a dot before the "gitignore" part or it won't be recognized exactly like this: ".gitignore" (that is the entire file name, weird, I know, but it's magical).

## 0.2 Add sensitive files to the list
Since it is difficult to tell what every single developer might possibly name their key files and other secrets, it is easier if you add your specific files to the .gitignore file yourself. All you do is make an entry inside the .gitignore for each file that you don't want shared on the public internet as part of your source code. When you commit the .gitignore file, github automatically looks the other way, and will not include your sensitive files in the repo. It's almost like they planned it!

## 0.3 Making your app work without keys in the code
A valid question might be "How do I still make my app work without the keys or other sensitive files?" The answer is copy key files to the server where the code is running (usually by hand) so that they stay safe. Typically you would transfer the key file to the server once you've cloned your git repo onto the server. This way, the app still runs and your secret information stays secure. No one ever seems to explain this concept to devs, thus the need for GitGuardian to step in and help keep you safe.

# 1. General advice

## 1.1. :warning: First thing first: rotate your credentials
Expand Down
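Review bot: section 0.2 overstates what `.gitignore` does, in two ways that matter for a leak-mitigation checklist. First, ignoring is done by the local git client, not by GitHub: "When you commit the .gitignore file, github automatically looks the other way" should say that git stops staging the listed paths. Second, `.gitignore` only affects files that are not yet tracked; a key file that was already committed stays in the repository (and in its history) until it is removed with `git rm --cached <file>` and the credential is rotated, which is exactly what section 1.1 below covers, so the new text should point there rather than imply that adding the entry is enough. It is also worth saying that `.gitignore` cannot help with secrets pasted inline into source files, which the rest of the checklist addresses. In section 0.3, copying key files to the server by hand is one option; a short mention that the same separation is usually achieved with environment variables or a secrets manager would make the advice match how most deployments work. Minor: the closing sentence of 0.3 ("No one ever seems to explain this concept to devs, thus the need for GitGuardian to step in") reads as marketing rather than guidance and could be dropped from a checklist.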