Skip to main content

How to Enable CORS Headers for Your Application

Enable CORS headers on Cloudways to allow secure cross-domain access for APIs and resources. Step-by-step guide with key notes and limitations.

Written by Syed Abuzar Mehdi
Updated this week

Enabling CORS (Cross-Origin Resource Sharing) headers allows your application to securely share resources—such as APIs, images, fonts, or scripts—with other domains.

By default, web browsers block requests between different domains as a security measure.

However, many modern applications—such as front-end apps, APIs, and third-party integrations—require controlled cross-domain access to function properly.

On the Cloudways Platform, you can easily enable CORS headers for your application without editing server files or configuration manually.

This ensures a quick and consistent setup across all domains linked to your application.

In this guide, you will learn how to enable CORS headers on Cloudways and understand important limitations and behavior to avoid common issues.

How to Enable CORS Headers

Step #1 — Navigate to Applications

  • From the left sidebar, click on Flexible, then select My Applications to view your applications list.

Step #2 — Select Your Application

  • From the Applications list, click on the application name where you want to enable CORS headers.

Step #3 — Open Application Settings

  • In the left menu, click on Application Settings to access configuration options for your application.

Step #4 — Locate CORS Header Setting

  • Scroll down to find the CORS Header option under Application Settings.

Step #5 — Enable CORS Header

  • Toggle the CORS Header option to enable it for your application.

  • In the confirmation popup, click Confirm to apply the changes.

Step #6 — Verify CORS Header is Enabled

  • Once enabled, the CORS Header status will show as enabled, confirming that cross-origin requests are now allowed.

Important Notes

  • When enabled, CORS Headers are applicable on all the domains mapped to the application.

  • Enabling CORS Headers through the platform will override the CORS Headers entries in the .htaccess file or in the application web files.

  • At present, Cloudways only supports wildcard (*) CORS Headers.

  • CORS Headers are enabled on CloudwaysCDN by default. Use this option only if you have the need for cross-domain resource sharing at application-level domains.

  • There is no separate setting to enable/disable CORS Headers for CloudwaysCDN.

That’s it! We hope this article was helpful.

Need Help?

If you need assistance, feel free to:

We're here 24/7 to help you!

Did this answer your question?