diff --git a/package.json b/package.json
index ff37e96..37169da 100644
--- a/package.json
+++ b/package.json
@@ -38,6 +38,7 @@
     "colord": "^2.9.3",
     "compose-middleware": "^5.0.1",
     "compression": "^1.7.4",
+    "cors": "^2.8.5",
     "croner": "^7.0.1",
     "dayjs": "^1.11.9",
     "detect-browser": "^5.3.0",
@@ -83,6 +84,7 @@
   "devDependencies": {
     "@types/bcryptjs": "^2.4.3",
     "@types/compression": "^1.7.2",
+    "@types/cors": "^2.8.15",
     "@types/express": "^4.17.17",
     "@types/jsonwebtoken": "^9.0.2",
     "@types/lodash": "^4.14.198",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 867e883..45f0ca0 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -55,6 +55,9 @@ dependencies:
   compression:
     specifier: ^1.7.4
     version: 1.7.4
+  cors:
+    specifier: ^2.8.5
+    version: 2.8.5
   croner:
     specifier: ^7.0.1
     version: 7.0.1
@@ -186,6 +189,9 @@ devDependencies:
   '@types/compression':
     specifier: ^1.7.2
     version: 1.7.2
+  '@types/cors':
+    specifier: ^2.8.15
+    version: 2.8.15
   '@types/express':
     specifier: ^4.17.17
     version: 4.17.17
@@ -2040,11 +2046,10 @@ packages:
     resolution: {integrity: sha512-XW/Aa8APYr6jSVVA1y/DEIZX0/GMKLEVekNG727R8cs56ahETkRAy/3DR7+fJyh7oUgGwNQaRfXCun0+KbWY7Q==}
     dev: false
 
-  /@types/cors@2.8.13:
-    resolution: {integrity: sha512-RG8AStHlUiV5ysZQKq97copd2UmVYw3/pRMLefISZ3S1hK104Cwm7iLQ3fTKx+lsUH2CE8FlLaYeEA2LSeqYUA==}
+  /@types/cors@2.8.15:
+    resolution: {integrity: sha512-n91JxbNLD8eQIuXDIChAN1tCKNWCEgpceU9b7ZMbFA+P+Q4yIeh80jizFLEvolRPc1ES0VdwFlGv+kJTSirogw==}
     dependencies:
       '@types/node': 18.17.12
-    dev: false
 
   /@types/d3-timer@2.0.1:
     resolution: {integrity: sha512-TF8aoF5cHcLO7W7403blM7L1T+6NF3XMyN3fxyUolq2uOcFeicG/khQg/dGxiCJWoAcmYulYN7LYSRKO54IXaA==}
@@ -3361,7 +3366,7 @@ packages:
     engines: {node: '>=10.2.0'}
     dependencies:
       '@types/cookie': 0.4.1
-      '@types/cors': 2.8.13
+      '@types/cors': 2.8.15
       '@types/node': 18.17.12
       accepts: 1.3.8
       base64id: 2.0.0
diff --git a/src/server/main.ts b/src/server/main.ts
index c24b1c4..f30caf5 100644
--- a/src/server/main.ts
+++ b/src/server/main.ts
@@ -21,6 +21,7 @@ import { initSocketio } from './ws';
 import { monitorManager } from './model/monitor';
 import { settings } from './utils/settings';
 import { env } from './utils/env';
+import cors from 'cors';
 
 const port = settings.port;
 
@@ -36,7 +37,8 @@ monitorManager.startAll();
 app.use(compression());
 app.use(express.json());
 app.use(passport.initialize());
-// app.use(morgan('tiny'));
+app.use(morgan('tiny'));
+app.use(cors());
 
 // http://expressjs.com/en/advanced/best-practice-security.html#at-a-minimum-disable-x-powered-by-header
 app.disable('x-powered-by');