diff --git a/src/main/java/com/example/bigbrotherbe/global/filter/CustomerCorsFilter.java b/src/main/java/com/example/bigbrotherbe/global/filter/CustomerCorsFilter.java
index 4e96940..9f1f828 100644
--- a/src/main/java/com/example/bigbrotherbe/global/filter/CustomerCorsFilter.java
+++ b/src/main/java/com/example/bigbrotherbe/global/filter/CustomerCorsFilter.java
@@ -9,6 +9,8 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
@@ -16,14 +18,23 @@
 @Component
 @Order(Ordered.HIGHEST_PRECEDENCE)
 public class CustomerCorsFilter implements Filter {
+ private final List allowedOrigins = Arrays.asList(
+ "http://api.mju-bigbrother.xyz:3000",
+ "https://api.mju-bigbrother.xyz",
+ "http://localhost:8080",
+ "http://api.mju-bigbrother.xyz",
+ "http://api.mju-bigbrother.xyz:8080"
+ );
 @Override
 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
 HttpServletRequest request = (HttpServletRequest) req;
 HttpServletResponse response = (HttpServletResponse) res;
- response.setHeader("Access-Control-Allow-Origin", "http://api.mju-bigbrother.xyz:3000, http://localhost:8080");
-
+ String origin = request.getHeader("Origin");
+ if (allowedOrigins.contains(origin)) {
+ response.setHeader("Access-Control-Allow-Origin", origin);
+ }
 // CORS 허용한 Origin
 response.setHeader("Access-Control-Allow-Credentials", "true"); // 자격이 포함된 요청 받기
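Review bot: The `Access-Control-Allow-Origin` value set inside `if (allowedOrigins.contains(origin))` now varies with the request's `Origin`, but no `Vary: Origin` header is added, so a browser or intermediary cache can reuse a response produced for one origin when answering another; add `response.addHeader("Vary", "Origin");` beside it, outside the `if` so the header-less variant is keyed as well. `Access-Control-Allow-Credentials: true` is still sent for every request on the line below, which means every entry in `allowedOrigins` may read authenticated responses, and four of the five entries are plaintext `http://` origins whose content is not integrity-protected in transit. For production I would keep only `https://api.mju-bigbrother.xyz` and load `http://localhost:8080` and the other development origins from a profile-specific property instead of hard-coding them. `allowedOrigins` also shows as a raw `List` here (the type argument may have been lost in rendering); if that matches the file, declare it `private static final List<String>`. The body of `doFilter` continues past the end of the hunk, so preflight handling is not visible here.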