Currently Bitbucket Server allows administrators to prevent history rewrites on a per-repository basis. For customers from certain industries with strict regulatory requirements (such as banking and healthcare) it is essential that the repository history is trustworthy and non-modifiable through history rewrites. In those situations it is tedious to manually enable the option to prevent history rewrites in every repository.
Additionally, while a Bitbucket Server administrator can enable the option in a repository, an administrator of that repository can disable the option again, and every user can toggle history rewrites on their own personal repositories, which makes it impossible to guarantee the required history integrity.
An option should be added that allows a Bitbucket Server administrator to disable history rewrites for all repositories (including personal ones) with the option of not allowing project/repo administrators to override the setting.
There is currently no workaround available that cannot be overridden.