Is it OK to add site verification files to public source control?

1k views Asked by At

When submitting my website to Google and Bing they require I verify it by (for example) uploading a file.

This file, if I have understood, should not be removed because they recheck it regularly and removing it would mean I'd lose access and need to verify it again.

Given that the source of this website is available publicly on GitHub, is it safe/ok add these verification files to source control? Or would that add a risk of some sort?

1

There are 1 answers

2
Chris On BEST ANSWER

Since the verification file is within the web servers root structure, and Google needs to access it to read its contents - Technically anyone could read it if they wanted by going to http://mysite.example.com/verification.html.

With that in mind, I wouldn't add it to the github repository as it isn't something anyone would need to either clone the repository and create their own version, or fork and create change requests. It doesn't have any value to anyone other than you.