diff --git a/src/main/java/com/dnd/moddo/common/config/WebConfig.java b/src/main/java/com/dnd/moddo/common/config/WebConfig.java
index a167020..65cd38e 100644
--- a/src/main/java/com/dnd/moddo/common/config/WebConfig.java
+++ b/src/main/java/com/dnd/moddo/common/config/WebConfig.java
@@ -19,8 +19,17 @@ public class WebConfig implements WebMvcConfigurer {
 
 	@Override
 	public void addCorsMappings(CorsRegistry registry) {
+		List<String> corsAllowedOrigins = frontendProperties.corsAllowedOrigins();
+		String[] allowedOrigins = corsAllowedOrigins.stream()
+			.filter(origin -> !origin.contains("*"))
+			.toArray(String[]::new);
+		String[] allowedOriginPatterns = corsAllowedOrigins.stream()
+			.filter(origin -> origin.contains("*"))
+			.toArray(String[]::new);
+
 		registry.addMapping("/**")
-			.allowedOrigins(frontendProperties.corsAllowedOrigins().toArray(String[]::new))
+			.allowedOrigins(allowedOrigins)
+			.allowedOriginPatterns(allowedOriginPatterns)
 			.allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
 			.allowedHeaders("*")
 			.exposedHeaders("Access-Control-Allow-Origin", "Access-Control-Allow-Credentials")
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 81dc0dd..9bbec5f 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -44,6 +44,8 @@ cookie:
 frontend:
   cors-allowed-origins:
     - https://www.moddo.kr
+    - https://moddo-frontend.pages.dev
+    - https://*.moddo-frontend.pages.dev
     - http://localhost:3000
     - http://localhost:4173
   redirect-allowed-origins:
@@ -74,4 +76,3 @@ spring:
 
 
 
-