diff --git a/configure-script.js b/configure-script.js
index f688f1d..5ae5ee7 100644
--- a/configure-script.js
+++ b/configure-script.js
@@ -29,7 +29,8 @@ const question = (prompt, def = null) => {
 (async () => {
 	//project configuration
 	const appName = await question('App Name', 'auth');
-	const appWebAddress = await question('Web Addr', `${appName}.example.com`);
+	const appWebOrigin = await question('Web Origin', `example.com`);
+	const appWebAddress = await question('Web Addr', `${appName}.${appWebOrigin}`);
 	const postValidationHookArray = await question('Post Validation Hook Array', '');
 	const resetAddress = await question('Reset Addr', `example.com/reset`);
 	const appPort = await question('App Port', '3200');
@@ -70,6 +71,7 @@ services:
       - "traefik.http.services.${appName}service.loadbalancer.server.port=${appPort}"
     environment:
       - WEB_PROTOCOL=https
+      - WEB_ORIGIN=${appWebOrigin}
       - WEB_ADDRESS=${appWebAddress}
       - HOOK_POST_VALIDATION_ARRAY=${postValidationHookArray}
       - WEB_RESET_ADDRESS=${resetAddress}
diff --git a/package-lock.json b/package-lock.json
index 9ad3760..239164f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "auth-server",
-  "version": "1.6.0",
+  "version": "1.6.1",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "auth-server",
-      "version": "1.6.0",
+      "version": "1.6.1",
       "license": "ISC",
       "dependencies": {
         "bcryptjs": "^2.4.3",
diff --git a/package.json b/package.json
index 43ffe7f..aaa4841 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "auth-server",
-  "version": "1.6.0",
+  "version": "1.6.1",
   "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
   "main": "server/server.js",
   "scripts": {
diff --git a/server/server.js b/server/server.js
index 6d1bd61..07903af 100644
--- a/server/server.js
+++ b/server/server.js
@@ -13,7 +13,7 @@ app.use(express.json());
 
 app.use(cors({
 	credentials: true,
-	origin: [`${process.env.WEB_PROTOCOL}://${process.env.WEB_ADDRESS}`],
+	origin: [`${process.env.WEB_PROTOCOL}://${process.env.WEB_ORIGIN}`],
 	allowedHeaders: ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization', 'Set-Cookie'],
 	exposedHeaders: ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization', 'Set-Cookie'],
 }));