diff --git a/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/CorsConfig.java b/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/CorsConfig.java
deleted file mode 100644
index afda946..0000000
--- a/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/CorsConfig.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package com.committers.snowflowerthon.committersserver.auth.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import org.springframework.web.filter.CorsFilter;
-
-@Configuration
-public class CorsConfig {
- @Bean
- public CorsFilter corsFilter() {
- UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
- CorsConfiguration config = new CorsConfiguration();
- config.setAllowCredentials(true);
-// config.addAllowedOrigin("*"); // 모든 ip에 응답 허용
-// config.addAllowedHeader("*"); // 모든 헤더에 응답 허용
-// config.addAllowedMethod("*"); // 모든 http 메소드에 요청 허용
-// source.registerCorsConfiguration("/api/**", config);
-
- config.addAllowedOrigin("http://localhost");
- config.addAllowedOrigin("http://localhost:*");
- config.addAllowedOrigin("http://localhost:5173");
- config.addAllowedOrigin("https://kidari.site");
- config.addAllowedOrigin("https://api.github.com"); // 깃허브 API 도메인
- config.addAllowedOrigin("https://github.com"); // 깃허브 인증 센터 도메인
-
- config.addAllowedHeader("*");
- config.addAllowedMethod("*");
- source.registerCorsConfiguration("/api/**", config);
-
- return new CorsFilter(source);
- }
-}
diff --git a/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/SecurityConfig.java b/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/SecurityConfig.java
index f7ec77f..0c41503 100644
--- a/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/SecurityConfig.java
+++ b/src/main/java/com/committers/snowflowerthon/committersserver/auth/config/SecurityConfig.java
@@ -6,6 +6,7 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@@ -15,6 +16,7 @@
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import java.util.Collections;
@@ -22,7 +24,6 @@
 @EnableWebSecurity
 @RequiredArgsConstructor
 public class SecurityConfig {
- private final CorsConfig corsConfig;
 private final JwtFilter jwtFilter;
 private final OAuth2SuccessHandler successHandler;
 private final CustomOAuth2UserService customOAuth2UserService;
@@ -46,24 +47,27 @@ public BCryptPasswordEncoder passwordEncoder() {
 return new BCryptPasswordEncoder();
 }
- CorsConfigurationSource corsConfigurationSource() {
- return request -> {
- CorsConfiguration config = new CorsConfiguration();
- config.setAllowedHeaders(Collections.singletonList("*"));
- config.setAllowedMethods(Collections.singletonList("*"));
- config.setAllowedOriginPatterns(Collections.singletonList("http://localhost:3000"));
- config.setAllowedOriginPatterns(Collections.singletonList("https://kidari.site"));
- config.setAllowedOriginPatterns(Collections.singletonList("https://kidari.site:3000"));
- config.setAllowCredentials(true);
- return config;
- };
+ @Bean
+ public CorsConfigurationSource corsConfigurationSource() {
+
+ CorsConfiguration config = new CorsConfiguration();
+ config.setAllowedHeaders(Collections.singletonList("*"));
+ config.setAllowedMethods(Collections.singletonList("*"));
+ config.addAllowedOriginPattern("http://localhost:3000");
+ config.addAllowedOriginPattern("https://kidari.site");
+ config.addAllowedOriginPattern("https://kidari.site:3000");
+ config.setAllowCredentials(true);
+
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ source.registerCorsConfiguration("/**", config);
+ return source;
 }
 @Bean
 protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 http
 .httpBasic(HttpBasicConfigurer::disable)
- .cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource()))
+ .cors(Customizer.withDefaults())
 .csrf(AbstractHttpConfigurer::disable)
 .formLogin(AbstractHttpConfigurer::disable)
 .authorizeHttpRequests((authorizeRequests) -> {
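Review bot: In the new `corsConfigurationSource()` the development origin `http://localhost:3000` is hard-coded beside the production origins while `setAllowCredentials(true)` is set and the rules are registered for `/**`, so every deployment accepts credentialed cross-origin requests from that plain-HTTP local origin on all paths. All three entries are exact origins rather than patterns, so I would inject the list from per-profile configuration and use the exact-match setter, `config.setAllowedOrigins(allowedOrigins);`, keeping the localhost entry out of the production profile. Narrowing `setAllowedMethods` and `setAllowedHeaders` from `*` to what the API actually uses would also be worthwhile given that credentials are allowed. `.cors(Customizer.withDefaults())` no longer names its source and presumably picks up the bean defined by this method, so a comment such as `// uses the CorsConfigurationSource bean defined in this class` on that line would make the wiring explicit. `filterChain` continues outside the hunk.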