diff --git a/dj_backend_server/Dockerfile.nginx b/dj_backend_server/Dockerfile.nginx
new file mode 100644
index 00000000..34821296
--- /dev/null
+++ b/dj_backend_server/Dockerfile.nginx
@@ -0,0 +1,7 @@
+# Use the official Nginx image
+FROM nginx
+
+COPY ./nginx/nginx.conf /etc/nginx/nginx.conf.template
+COPY ./entrypoint-nginx.sh /entrypoint-nginx.sh
+RUN chmod +x /entrypoint-nginx.sh
+ENTRYPOINT ["/entrypoint-nginx.sh"]
\ No newline at end of file
diff --git a/dj_backend_server/api/middleware/cors_middleware.py b/dj_backend_server/api/middleware/cors_middleware.py
new file mode 100644
index 00000000..83a3fa6b
--- /dev/null
+++ b/dj_backend_server/api/middleware/cors_middleware.py
@@ -0,0 +1,26 @@
+from django.utils.deprecation import MiddlewareMixin
+from web.models.chatbot import Chatbot
+
+class CorsMiddleware(MiddlewareMixin):
+    def process_response(self, request, response):
+        # Get the origin of the request
+        origin = request.META.get('HTTP_ORIGIN')
+
+        # Check if the origin is in the database
+        origin_in_db = Chatbot.objects.filter(website=origin).exists()
+        # print(f"Origin of the request: {origin}")
+        # print(f"Is the origin in the database: {origin_in_db}")
+
+        if origin_in_db:
+            # Add the 'Access-Control-Allow-Origin' header to the response
+            response['Access-Control-Allow-Origin'] = origin
+            response['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'
+            response['Access-Control-Allow-Headers'] = 'X-Requested-With, Content-Type, X-Bot-Token'
+
+        # print(f"Website URLs checked: {[chatbot.website for chatbot in Chatbot.objects.all()]}")
+        # print(f"Response status code: {response.status_code}")
+        # print(f"Response content: {response.content}")
+        # print(f"Response headers: {response.headers}")
+
+
+        return response
\ No newline at end of file
diff --git a/dj_backend_server/dj_backend_server/settings.py b/dj_backend_server/dj_backend_server/settings.py
index 324358ee..7de66824 100644
--- a/dj_backend_server/dj_backend_server/settings.py
+++ b/dj_backend_server/dj_backend_server/settings.py
@@ -62,6 +62,7 @@
 MIDDLEWARE = [
     'django.middleware.locale.LocaleMiddleware',
     'django.middleware.security.SecurityMiddleware',
+    'api.middleware.cors_middleware.CorsMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
diff --git a/dj_backend_server/docker-compose.linux.yaml b/dj_backend_server/docker-compose.linux.yaml
index 430aa2de..7dc23c44 100644
--- a/dj_backend_server/docker-compose.linux.yaml
+++ b/dj_backend_server/docker-compose.linux.yaml
@@ -35,6 +35,9 @@ services:
   nginx:
     image: nginx
     container_name: oc_nginx
+    build:
+      context: .
+      dockerfile: Dockerfile.nginx
     restart: unless-stopped
     ports:
       - "80:80"
@@ -46,6 +49,9 @@ services:
       - ./static:/app/web/static/
     networks:
       - openchat_network
+    env_file:
+      - .env.docker
+    #entrypoint: ["/entrypoint-nginx.sh"]  
     depends_on:
       - qdrant
       - mysql
diff --git a/dj_backend_server/entrypoint-nginx.sh b/dj_backend_server/entrypoint-nginx.sh
new file mode 100644
index 00000000..b7088b72
--- /dev/null
+++ b/dj_backend_server/entrypoint-nginx.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Remove 'http://' or 'https://' prefix from APP_URL
+CLEANED_APP_URL=${APP_URL#http://}
+CLEANED_APP_URL=${APP_URL#https://}
+
+echo "Replacing APP_URL with $CLEANED_APP_URL"
+
+# Define the file path as a variable, for example:
+NGINX_CONF="/etc/nginx/nginx.conf"
+
+sed "s|yourdomain.com|$CLEANED_APP_URL|g" NGINX_CONF > /tmp/nginx.conf
+mv /tmp/nginx.conf NGINX_CONF
+
+# Start your app normally
+# exec nginx -g "daemon off;"
diff --git a/dj_backend_server/nginx/nginx.conf b/dj_backend_server/nginx/nginx.conf
index 5252aa86..e23fe1e7 100644
--- a/dj_backend_server/nginx/nginx.conf
+++ b/dj_backend_server/nginx/nginx.conf
@@ -110,7 +110,7 @@ http {
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;  # Forward the original scheme (HTTP or HTTPS)
-            proxy_set_header Origin "";  # Optionally forward the Origin header
+            proxy_set_header Origin $http_origin;  # Optionally forward the Origin header
             proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; 
             add_header Cache-Control "public, max-age=2592000";
             add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;  # HSTS header