Access Control Allow Origin & CDN

  • Hello guys

    I got an issue with the ithemes security plugin when enable with my CDN configuration.
    Indeed it detect the subdomain of CDN as threat and it blocks the ressources as an external domain.

    Example:

    Access to font at ‘https://cdn2.domain.blablabla’
    from origin ‘https://domain’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

    Do you have an idea where i can tell the plugin to allow it ?

    I tried on htaccess but without any success:

    <IfModule mod_headers.c>
    Header add Access-Control-Allow-Origin “*”
    Header add Access-Control-Allow-Origin “https://cdn2.domain.com/&#8221;
    Header add Access-Control-Allow-Origin “https://cdn3.domain.com/&#8221;
    Header add Access-Control-Allow-Headers “origin, x-requested-with, content-type”
    Header add Access-Control-Allow-Methods “PUT, GET, POST, DELETE, OPTIONS”
    </IfModule>

    Kind regards

  • The topic ‘Access Control Allow Origin & CDN’ is closed to new replies.