Snort.social requires header HTTP access to CORS Access-Control-Allow-Origin for Lightning tips / zaps. On NGINX add to `/etc/nginx/sites-available/yourdomain` `add_header 'Access-Control-Allow-Origin' '*';` See below:
```
server {
location /.well-known/lnurlp {
rewrite ^/.well-known/lnurlp/
add_header 'Access-Control-Allow-Origin' '*';
}
}
```
> Test nginx for errors with command (might need sudo): nginx -t
> Reload nginx (might need sudo): systemctl reload nginx
In Apache2 you need to enable mod_header on server side (a2enmod headers) and then add to .htaccess or apache config file appropriately:
In .htaccess:
```
Header set Access-Control-Allow-Origin "*"
```
> Test Apache for errors with command (might need sudo): apachectl -t
> Reload Apache (might need sudo): apachectl -k graceful
To test if CORS Access-Control-Allow-Origin * is added, you can use curl command in console.
> curl -I https://yourdomain.tld/.well-known/lnurlp/yourname
or you can use https://test-cors.org/, input the full URL as above and do a 'HEAD' HTTP response test. You should get 200 OK.
Will update my guide at orangepill.dev so that it’s more cleaner to read and copy.
