diff --git a/includes/account.php b/includes/account.php
index 1a381b8..1659c0d 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -543,6 +543,7 @@
$addy[] = $sub;
$_SESSION['_config']['addy'] = $addy;
$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
+ $_SESSION['_config']['httphash'] = make_hash();
}
if($process != "" && $oldid == 8)
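Review bot: The new `httphash` line stores the only secret that later proves control of the domain, but `make_hash()` is not defined anywhere in this diff, so its length and randomness source cannot be checked here. Please confirm it draws from a cryptographically secure generator and is long enough that it cannot be guessed. A short comment on the assignment would help the next reader, for example `// one-time token the user must publish at /cacert-probe.txt; must be unpredictable`. The enclosing block starts above this hunk, so it is not visible whether the token is regenerated for every new domain request or reused within a session.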
@@ -553,6 +554,27 @@
$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
+ if($authaddy == "http hash")
+ {
+ // get site/cacert-probe.txt and check if it contains the hash.
+ $newhash = file_get_contents('http://'.$_SESSION['_config']['domain'].'/cacert-probe.txt', NULL, NULL, NULL, strlen($_SESSION['_config']['httphash']));
+ if(strlen($newhash) == 0 || $newhash != $_SESSION['_config']['httphash'])
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("The hash could not be retrieved from http://".$_SESSION['_config']['domain'].'/cacert-probe.txt , or it did not match.');
+ showfooter();
+ exit;
+ }
+ $query = "insert into `domains` set
+ `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
+ `memid`='".$_SESSION['profile']['id']."',
+ `created`=NOW(), `modified`=NOW(), `hash`=''";
+ mysql_query($query);
+ showheader(_("Updated"), _("Updated"));
+ echo _("Your domain has been verified. You can now start issuing certificates for this domain.
You can remove cacert-probe.txt from your website.");
+ exit;
+ }
+
if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
{
showheader(_("My CAcert.org Account!"));
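Review bot: The probe on the `file_get_contents` line follows HTTP redirects by default and sets no timeout, so a redirect on the target site lets a different host supply the hash, and a slow host can hold the request open. The result is then compared with loose `!=`, which compares numeric-looking strings as numbers. I would pass a stream context with `follow_location` off and a timeout, and compare with `!==` after checking the result is a string. The URL is built from `$_SESSION['_config']['domain']` as stored, and that value is validated outside this hunk, so please confirm it admits only a plain public hostname (no port, path, userinfo or internal address). Separately, the failure message echoes the domain without `htmlspecialchars()` and concatenates it inside `_()`, which also defeats the translation lookup; `sprintf(_("... %s ..."), htmlspecialchars($domain))` would fix both.

```php
// … unchanged: if($authaddy == "http hash") { …
$expected = $_SESSION['_config']['httphash'];
$ctx = stream_context_create(array('http' => array(
	'follow_location' => 0,	// the answer must come from the validated host itself
	'timeout' => 10,
)));
$newhash = file_get_contents('http://'.$_SESSION['_config']['domain'].'/cacert-probe.txt', false, $ctx, 0, strlen($expected));
if(!is_string($newhash) || strlen($expected) == 0 || $newhash !== $expected)
// … unchanged: error page, insert into `domains`, success page …
```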
diff --git a/pages/account/8.php b/pages/account/8.php
index 79448d1..f25ba7f 100644
--- a/pages/account/8.php
+++ b/pages/account/8.php
@@ -19,7 +19,14 @@
| =_("Please choose an authority email address")?> | +=sprintf(_("HTTP: please create a file named %s in the root of your web server containing only this key"), "cacert-probe.txt")?> | +||
| /> | +=$_SESSION['_config']['httphash']?> | +||
| =_("E-mail: please choose an authority email address")?> | |||