چۈشەندۈرۈش
DecaRoy Site Helper is a minimal plugin that adds a single REST API
endpoint to read, write, and delete a Google Site Verification meta tag
that is then injected into the document <head> on every page.
The plugin is intended for sites managed programmatically by automation
tools that need to verify domain ownership in Google Search Console
without giving the automation tool FTP or filesystem access.
Features
- Single REST endpoint at
/wp-json/decaroy/v1/head-meta - GET — read current configuration
- POST — set the Google Site Verification token (validated against
Google’s expected format) - DELETE — remove the configured token
- Token is rendered as
<meta name="google-site-verification" ...>
in the <head> viawp_headaction - No tracking, no phone-home, no remote calls
- No database tables, no cron jobs
How it works
When a token is set via POST, it is stored in a single WordPress option
(decaroy_gsc_verification_token). On every page render, the plugin
hooks into wp_head and emits a meta tag with the token. Google can
then read that meta tag during the verification step, after which the
domain becomes available to the verifying account in Search Console.
Authentication uses standard WordPress capabilities: the requesting
user must have manage_options (typically administrators). Pair with
WordPress Application Passwords for headless authentication.
ئورنىتىش
- Upload the plugin folder to
/wp-content/plugins/or install
directly through the WordPress plugins screen. - Activate the plugin through the Plugins screen in WordPress.
-
Use the REST endpoint to set a token:
POST /wp-json/decaroy/v1/head-meta
Content-Type: application/json
Body: {«gsc_verification_token»: «abcd…your-token…»}
FAQ
-
Does this plugin track my visitors?
-
No. The plugin makes no remote calls and stores no data beyond the
single Google Site Verification token in WordPress options. -
Is the meta tag visible to anyone?
-
Yes. By design, Google Site Verification meta tags are visible in the
HTML source — that is how Google verifies them. The token itself is
not sensitive: knowing it does not grant any access. -
What capability does the REST endpoint require?
-
manage_options. Only administrators can read or write the token.
-
Currently the plugin handles only the
google-site-verificationmeta
tag. Future versions may add support for additional meta tags.
باھالاشلار
بۇ قىستۇرمىغا تېخى باھا يېزىلمىدى.
تۆھپىكار ۋە ئىجادكار
«DecaRoy Site Helper» كودى ئوچۇق يۇمشاق دېتال. تۆۋەندىكى كىشىلەر بۇ قىستۇرمىغا تۆھپە قوشقان.
تۆھپىكار
«DecaRoy Site Helper» نى تىلىڭىزغا تەرجىمە قىلىڭ
ئىجادىيەتكە قىزىقامسىز؟
كودقا كۆز يۈگۈرتۈپ، SVN خەزىنە تەكشۈرۈپ ياكى RSSئارقىلىق ئىجادىيەت خاتىرىسىگە مۇشتەرى بولغىلى بولىدۇ.
ئۆزگىرىش خاتىرىسى
1.0.2
- Corrected Contributors username in readme to match the actual
WordPress.org account that owns this plugin. No code changes.
1.0.1
- Removed Plugin URI (the plugin does not have a dedicated landing page).
Author URI points to the author’s site.
1.0.0
- Initial release.
- REST endpoint to manage Google Site Verification meta tag.
wp_headinjection of the configured tag.