Hey cleavr team,

got a short question: Is the NGINX CORS (ngx_http_headers_module module) included in the nginx versions you install? Just want to know before messing things up.

Best wishes!

Hello @Jeazyee,

Sorry for the late response! I believe the answer to your question is yes. But, can you let us know more about what you’re asking about or trying to do, if anything specific?

We reserve the right to change the answer.

Alright, I just want to create an extra layer of security for a headless WP installation, so it is used only as backend. My goal is that the backend WP Rest API and media files can only be accessed over the frontend origin. I am not very experienced in NGINX, but I guess this would be a way to achieve that goal.

The name of the module for CORS is actually: ngx_http_headers_module

Perhaps it would make sense to provide a list in the documentation of what’s included in the nginx package you install, or is it just the Ubuntu standard?

Thanks for the added details!

We don’t install that particular module.

You can see what modules are installed by SSH’ing into server and run the following:

nginx -V

# or run this for better readibility

nginx -V 2>&1 | tr ' ' '\n'