jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-20 10:28:40 -05:00
Code Issues Projects Releases Wiki Activity
Files
e7b6146b901bdd3dc83ca9490a562a9f4ac3f28c
docs/content/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages.md
Kevin Heis 39beae4778 Add aria-labels to octicons (#55740)
2025-05-20 16:45:25 -07:00

63 lines
5.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
title: Verifying your custom domain for GitHub Pages
intro: You can increase the security of your custom domain and avoid takeover attacks by verifying your domain.
product: '{% data reusables.gated-features.pages %}'
versions:
fpt: '*'
ghec: '*'
topics:
- Pages
shortTitle: Verify a custom domain
---
## About domain verification for GitHub Pages
When you verify a custom domain for your personal account, only repositories owned by your personal account may be used to publish a {% data variables.product.prodname_pages %} site to the verified custom domain or the domain's immediate subdomains. Similarly, when you verify a custom domain for your organization, only repositories owned by that organization may be used to publish a {% data variables.product.prodname_pages %} site to the verified custom domain or the domain's immediate subdomains.
Verifying your domain stops other GitHub users from taking over your custom domain and using it to publish their own {% data variables.product.prodname_pages %} site. Domain takeovers can happen when you delete your repository, when your billing plan is downgraded, or after any other change which unlinks the custom domain or disables {% data variables.product.prodname_pages %} while the domain remains configured for {% data variables.product.prodname_pages %} and is not verified.
When you verify a domain, any immediate subdomains are also included in the verification. For example, if the `github.com` custom domain is verified, `docs.github.com`, `support.github.com`, and any other immediate subdomains will also be protected from takeovers.<!-- markdownlint-disable-line search-replace -->
{% data reusables.pages.wildcard-dns-warning %}
It's also possible to verify a domain for your organization{% ifversion ghec %} or enterprise{% endif %}, which displays a "Verified" badge on the organization {% ifversion ghec %}or enterprise{% endif %} profile{% ifversion ghec %} and, on {% data variables.product.prodname_ghe_cloud %}, allows you to restrict notifications to email addresses using the verified domain{% endif %}. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization){% ifversion ghec %} and [AUTOTITLE](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise){% endif %}.
### Verifying a domain that is already taken
You may be verifying a domain you own, which is currently in use by another user or organization, to make it available for your {% data variables.product.prodname_pages %} website. In this case, the domain will be immediately released from {% data variables.product.prodname_pages %} websites which are owned by other users or organizations. If you are attempting to verify an already verified domain (verified by another user or organization), the release process will not be successful.
## Verifying a domain for your user site
> [!NOTE]
> If you dont see the options described below, make sure youre in your **Profile settings**, not your repository settings. Domain verification happens at the profile level.
{% data reusables.user-settings.access_settings %}
1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "browser" aria-hidden="true" aria-label="browser" %} Pages**.
{% data reusables.pages.settings-verify-domain-setup %}
1. Wait for your DNS configuration to change, this may be immediate or take up to 24 hours. You can confirm the change to your DNS configuration by running the `dig` command on the command line. In the command below, replace `USERNAME` with your username and `example.com` with the domain you're verifying. If your DNS configuration has updated, you should see your new TXT record in the output.
```text
dig _github-pages-challenge-USERNAME.example.com +nostats +nocomments +nocmd TXT
```
{% data reusables.pages.settings-verify-domain-confirm %}
## Verifying a domain for your organization site
Organization owners can verify custom domains for their organization.
> [!NOTE]
> If you dont see the options described below, check that youre in your **Organization settings**. Domain verification doesnt take place in repository settings.
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "browser" aria-hidden="true" aria-label="browser" %} Pages**.
{% data reusables.pages.settings-verify-domain-setup %}
1. Wait for your DNS configuration to change. This may be immediate or take up to 24 hours. You can confirm the change to your DNS configuration by running the `dig` command on the command line. In the command below, replace `ORGANIZATION` with the name of your organization and `example.com` with the domain you're verifying. If your DNS configuration has updated, you should see your new TXT record in the output.
```text
dig _github-pages-challenge-ORGANIZATION.example.com +nostats +nocomments +nocmd TXT
```
{% data reusables.pages.settings-verify-domain-confirm %}
Reference in New Issue View Git Blame Copy Permalink