Enable CORS to Resolve Web Font Issues

Sites deployed after June 23, 2019 will automatically have CORS enabled for webfonts. However, if you notice that font files aren’t loading correctly, or receive an error in the Browser Console about ‘Access-Control-Allow-Origin’ headers, then you need to modify your server config. The following steps will need to be performed with a Sudo User.

Start by connecting to the server using SSH and open the site’s static-files.conf file:

sudo nano /etc/nginx/sites-available/{DOMAIN}/server/static-files.conf

Find the following location block:

# Cache WebFonts.
location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
    expires 1y;
    access_log off;
}

Then add the Access-Control-Allow-Origin header, like so:

# Cache WebFonts.
location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
    expires 1y;
    access_log off;
    add_header Access-Control-Allow-Origin *;
}

Test that the configuration is correct using sudo nginx -t. If everything looks good, reload Nginx:

sudo service nginx reload

Repeat for each site on the server which is experiencing CORS issues.

Ready to give SpinupWP a try?

Not sure if SpinupWP is the right fit for you? Send us an email at sudo@spinupwp.com and we’ll give you our no-BS opinion.

Subscribe to get the latest news, updates and optimizations in performance and security.

Thanks for subscribing 👍

To receive awesome stuff, you'll need to head to your inbox and click on the verification link we sent you.
Make sure to check your "spam" folder or your "promotions" tab (if you have Gmail).
If you're still having trouble, then messages us at sudo@spinupwp.com.