CORS Issues | WordPress.org

I have been banging my head against the wall on this for over a day now. First, let me break down the stack I am working with.

System: Ubuntu 22.04
Web Server: Apache
Hosting: Linode

The issue is that CORS is not working with AWS CloudFront. I have tried SO many things.

I have all the mods enabled I need on apache (headers, ssl, etc)

I have tried adding this to my /etc/apache2/apache2.conf file:

<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET,POST,PUT,DELETE,OPTIONS"
    Header set Access-Control-Allow-Headers "Content-Type,Authorization,X-Requested-With"
    Header set Access-Control-Allow-Credentials "true"
</IfModule>

This is what my /etc/apache2/sites-available/libertyfitness247.com-le-ssl.conf file looks like:

<IfModule mod_ssl.c>
        <VirtualHost *:443>
                ServerAdmin [email protected]
                ServerName libertyfitness247.com
                ServerAlias www.libertyfitness247.com
                DocumentRoot /var/www/html/libertyfitness247.com/public_html

                ErrorLog /var/www/html/libertyfitness247.com/logs/error.log
                CustomLog /var/www/html/libertyfitness247.com/logs/access.log combined

                <Directory /var/www/html/libertyfitness247.com/public_html>
                        Options Indexes FollowSymLinks MultiViews
                        AllowOverride none

                        # WordPress
                        <IfModule mod_rewrite.c>
                                RewriteEngine On
                                RewriteBase /
                                RewriteRule ^index\.php$ - [L]
                                RewriteCond %{REQUEST_FILENAME} !-f
                                RewriteCond %{REQUEST_FILENAME} !-d
                                RewriteRule . /index.php [L]
                        </IfModule>

                </Directory>

                Include /etc/letsencrypt/options-ssl-apache.conf
                SSLCertificateFile /etc/letsencrypt/live/libertyfitness247.com/fullchain.pem
                SSLCertificateKeyFile /etc/letsencrypt/live/libertyfitness247.com/privkey.pem
        </VirtualHost>
</IfModule>

This is what my behaviour settings are in AWS:

I have added the problem files, all of which are font files, to the “rejected files” settings in the plugin settings:

I’ve run invalidations, cleared cache, etc, etc, etc…. Nothing seems to be able to fix this issue.

I would be so appreciative for any assistance on this issue.

The page I need help with: [log in to see the link]