No 'Access-Control-Allow-Origin' header is present on the requested resource - OpenLiteSpeed Server

Hi there.
I have issues with the CORS Policy, and not sure if this is server (openlitespeed on directadmin) related.

I’m running wordpress on my server
I made a subdomain for all media files so new uploads will load from a subdomain (wp-admin/options.php)

Upload _path = cdn/v
upload_url_path =

Everything went smoothly, but suddenly weeks later custom fonts or new custom fonts are not working anymore that are stored locally on my server on the subdomain…

Access to font at ‘…/roboto–v30-normal-700.woff2…’ from origin ‘’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

On the subdomain i made a .htaccess file in it, but still doesn’t work? What do I forget? Or do i need to change something in directadmin or here in cloudflare, that maybe has been changed since the last time?

on the subdomain i put this htaccess file with this in it (but doens’t work):

<IfModule mod_headers.c>
<FilesMatch ".(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)">
Header set Access-Control-Allow-Origin "*"
</IfModule># END CORS

Just in case if it’s not applied, you could achieve this for a (sub)domain with Cloudflare by modifying the header response via Transform Rules :wink:

Kindly, see the post(s) from below topic for help:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.