How to enable Cross-Origin Resource Sharing (CORS)

This article describes how to enable Cross-Origin Resource Sharing (CORS) for your site. CORS enables web browsers to access resources at a different location from where the web application is running. For example, if you have an application running on that requests resources from, the server on must allow such requests.

If you are using secure (https://) connections with cross-origin resource sharing, make sure the servers have valid and trusted SSL certificates. Even if CORS is enabled correctly on the server, some browsers (such as Firefox) do not complete cross-origin requests if the SSL certificate itself is invalid.

Enabling CORS

To enable CORS, you must configure the web server to send an HTTP header that permits remote access to its resources.

To do this, create or modify the .htaccess file in the directory where you want to permit CORS requests. Add the following line to the .htaccess file:

Header set Access-Control-Allow-Origin "*"


More Information

For more information about CORS, please visit

Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.

We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. Further information about cookies can be found in our Privacy Policy.