It's currently impossible to add custom files to a ".well-known" directory in the root of a website. We need to be able to create arbitrary files in this directory to support various site verification and configuration needs.

For example the .well-known/com.apple.remotemanagement, required by Apple to enable user device enrolments: https://developer.apple.com/documentation/devicemanagement/user_enrollment/onboarding_users_with_account_sign-in/implementing_the_simple_authentication_user-enrollment_flow

But many other examples exists, including security.txt: https://securitytxt.org/