How to verify Google Search Console
TL;DR
For most sites, verify a URL prefix property with the HTML meta tag method. Paste the tag through your platform's SEO field or head-injection point, not directly into a theme file, so verification survives theme switches and plugin updates.
Google Search Console reports what Google sees on your site: which pages are indexed, what queries they appear for, which Core Web Vitals fail on real visitors, and which security or manual action issues are flagged against the domain. Before any of that data appears, Google needs to confirm you own the site. That step is verification.
The route that works for most small and mid-sized sites is the URL prefix property with the HTML tag method. The flow itself takes about five minutes. Where the meta tag goes is the part that varies by platform, and the next sections cover the main ones.
Choose the right property type
When you start a property at search.google.com/search-console, Search Console asks whether you want a Domain property or a URL prefix property. Google's Add a website property help page covers both routes in detail.
A Domain property covers every subdomain and protocol under your domain in one go (https, http, www, m, blog, shop, and so on). It is the cleanest option, but it requires access to DNS records at your domain registrar. If your DNS is managed by someone else, or you are not sure where to find it, this method is a dead end.
A URL prefix property covers only the URLs that begin with the exact address you submit, like https://www.example.com/. It is narrower in scope, but it accepts more verification methods, including the HTML tag that Search Console generates for you. For most sites running on a single domain and protocol, this is the practical starting point. A Domain property can always be added later once DNS access is sorted.
Use the HTML tag method first
After typing the URL and continuing, Search Console offers a recommended verification method (HTML file upload) and a list of others under "Other verification methods".
The HTML file method works if you can upload arbitrary files to your site root. Most managed platforms (Shopify, Squarespace, Wix, Webflow) do not give that level of access, so the HTML tag is usually the path of least resistance. It is a single line of code that goes inside the homepage <head>, and every modern site builder exposes a way to paste it there.
The tag looks like <meta name="google-site-verification" content="vMSwxGrD0EDRRvcp..." />, with a unique value in the content attribute. Copy the full tag from the verification screen. Once it is live on your homepage, return to Search Console and click Verify. Google's reference for all six methods is on the Verify your site ownership help page.
Google rechecks the tag periodically and unverifies the property if it disappears. A theme update, a plugin deactivation, or a site migration that strips the tag will quietly invalidate verification, and access to the data drops out a few days later. Adding the tag in a place that survives deploys and template changes matters more than the verification itself.
Where to paste the meta tag
WordPress (.org)
The most stable path is through an SEO plugin. Yoast SEO, Rank Math, and All in One SEO each expose a Google Search Console field that injects the tag into the <head> of every page. In Yoast: Yoast SEO > Settings > Site connections. In Rank Math: Rank Math > General Settings > Webmaster Tools. In All in One SEO: All in One SEO > General Settings > Webmaster Tools. Paste the full tag (the plugin extracts the content value automatically). The benefit over editing header.php directly is that the tag survives theme switches and updates.
WordPress.com
On hosted WordPress.com, go to Tools > Marketing > Traffic > Site verification services and paste the tag in the Google field. The full walkthrough is on the WordPress.com support site. Available on the Premium plan and above; free and Personal plans cannot add custom verification tags, so the alternative is to verify via Google Analytics if it is already connected.
Shopify
In the Shopify admin, go to Online Store > Themes, click the three dots next to your live theme, and choose Edit code. Open theme.liquid from the Layout folder, find the closing </head> tag, and paste the meta tag immediately above it. Save and click Verify in Search Console. Shopify also documents the related Verify your domain flow.
Two things tend to trip up Shopify verification. First, if the storefront is password-protected (the development storefront state for new stores), Googlebot cannot reach the homepage, and verification will fail. Remove the password under Online Store > Preferences first. Second, the tag lives in the active theme, so a theme switch leaves it behind. Re-paste it on any new theme before going live.
Wix
Wix has a native integration that handles verification, sitemap submission, and indexing requests in one step. Go to Marketing & SEO > SEO Tools > Tools and settings > Google Search Console > Connect, sign in with Google, and confirm. This route is available only on Premium plans with a connected custom domain.
On a free plan, paste the tag manually instead: Settings > Custom Code > + Add Custom Code, set placement to All pages and location to Head, paste the tag, and apply. Wix's meta tag verification article covers the full path.
Squarespace
In the site dashboard, go to Settings > Advanced > Code Injection, paste the tag in the Header field, and Save. Code Injection is available on the Business plan and above; the Squarespace help article covers both routes.
On Personal plans, the alternative is the built-in connection: Analytics > Search Keywords > Connect, which uses Google OAuth instead of a meta tag. The connection still verifies your site with Search Console; the meta tag method just is not accessible at that plan level.
Webflow
Two options. The dedicated SEO field is at Site settings > SEO > Google site verification (Webflow docs), which takes the content value only (the long string inside the content="..." attribute, not the full tag). The other option is Site settings > Custom code > Head Code, which accepts the entire <meta> tag. Either works. Publish the site after saving so the change reaches the live domain.
Frameworks and custom builds
On a Next.js site (typical for Vercel and most modern Netlify deployments), set the verification field on the Metadata API in your root app/layout.tsx. Pass the content value, not the surrounding <meta> tag:
export const metadata = { verification: { google: "vMSwxGrD0EDRRvcp..." } }
Next.js renders the full meta tag into the <head> of every page. The same pattern applies on Astro (via the Head component or astro:seo), SvelteKit (<svelte:head> in the root layout), and Eleventy (the layout template). The principle is the same on all of them: put the tag in a global head component that ships through the build, not in a generated file you might overwrite.
On a hand-rolled static site, paste the tag inside the <head> of the homepage HTML. If pages share an include or template partial for head content, paste it there instead. Verifying a site with no shared head template means re-pasting the tag on every page that might be the verified URL, which works in a pinch but is fragile.
Other platforms in brief
Magento and Adobe Commerce. Admin > Content > Configuration > [your store view] > HTML Head > Scripts and Style Sheets. Paste the tag and save. The change applies to that store view. Adobe Commerce docs.
Umbraco. Edit the master template (the layout that wraps every page) and paste the tag inside the <head> block. If the project uses a shared partial for head metadata, paste it there so it survives template forks. Umbraco DXP integration guide.
one.com Website Builder, GoDaddy, and Lovable. Each exposes a custom-code or header-injection field, though the path varies by version. If the field is not obvious, the alternative methods on the verification screen (Google Analytics, Google Tag Manager, Domain name provider) are usually the fastest fall-back. If GA4 or Google Tag Manager is already running on the site, those one-click options finish in seconds without touching code.
Cloudflare. Cloudflare is a CDN and DNS provider, not a place to verify Search Console. If Cloudflare manages the domain DNS, the Domain property method (a TXT record at the registrar) becomes the cleanest option, since it covers every subdomain and protocol in one go. The HTML tag still lives on the origin site, not in Cloudflare.
What can interrupt verification
A handful of things tend to cause silent failures:
- The homepage redirects to a different URL than the one used to create the property. The tag has to be on the exact URL registered, including www/non-www and trailing slash.
- A staging or password-protected site that Googlebot cannot fetch.
- A caching layer (Cloudflare, Varnish, WP Super Cache) serving an older version of the page where the tag has not yet propagated. A cache purge usually clears this.
- A theme or plugin update that removes the tag from the head. Search Console rechecks periodically and unverifies the property if it cannot find the tag.
- Verification ID copied without the full content string, or with surrounding quotes included.
If verification fails, view the page source in a browser (right-click > View Page Source) and search for google-site-verification. If the string is not in the raw HTML, the tag has not been added correctly or is being injected only after JavaScript runs, which Google may not pick up reliably.
After verification
Once the property is verified, three things are worth doing in the same session:
- Submit your XML sitemap under
Indexing > Sitemaps. Most platforms expose it at/sitemap.xml. Submitting it speeds up the first round of indexing. (Build and submit a sitemap.) - Add anyone else who needs access under
Settings > Users and permissions. Owner sparingly; Full or Restricted is enough for most team members. (Manage users, owners, and permissions.) - Connect to Google Analytics 4 if you use it, so Search Console queries surface alongside session data. The connection is set up from inside GA4 under
Admin > Property settings > Product links > Search Console links. (GA4 + Search Console integration.)
Performance reports start populating within a few days. Coverage and Core Web Vitals data builds over the following weeks as Googlebot recrawls the site and field measurements accumulate. Until then, the value of having Search Console connected is mostly potential. The work pays off the first time something breaks and the report shows you what.
Further reading
Google references:
- Verify your site ownership — the canonical reference for all six methods (HTML file, HTML tag, Google Analytics, Google Tag Manager, Domain name provider, Google Sites).
- Add a website property to Search Console — Domain vs URL prefix, scope, and switching between them.
- Build and submit a sitemap — sitemap formats, size limits, and how to surface multiple sitemaps via a sitemap index.
- Manage users, owners, and permissions — the difference between Owner, Full, and Restricted access.
Platform-specific docs:
- WordPress (.org): Yoast · Rank Math · All in One SEO
- WordPress.com site verification
- Shopify: verify your domain
- Wix: native integration · meta tag method
- Squarespace: verifying with Google Search Console
- Webflow: Google site verification
- Next.js: generateMetadata reference
- Adobe Commerce: HTML head and meta data
- Umbraco: Google Search Console integration
If you want a checklist of the things that depend on having Search Console verified (sitemap submission, Bing Webmaster Tools, Core Web Vitals monitoring, redirect audits), the SEO checklist on Addy lays them out by platform.