diff --git a/ansible/group_vars/faucet-master.yml b/ansible/group_vars/faucet-master.yml
index 6a70355..a86c655 100644
--- a/ansible/group_vars/faucet-master.yml
+++ b/ansible/group_vars/faucet-master.yml
@@ -5,3 +5,4 @@ faucet_account_pass: '{{lookup("passwordstore", "services/faucet/account-pass")}
 faucet_account_addr: '{{lookup("passwordstore", "services/faucet/account-addr")}}'
 faucet_account_json: '{{lookup("passwordstore", "services/faucet/account-json")}}'
 faucet_domain: 'faucet-{{ stage }}.status.im'
+faucet_cors_rule: '^https?://.*\.infura\.status.im'
diff --git a/ansible/roles/faucet/README.md b/ansible/roles/faucet/README.md
index bfdc2a5..817aecc 100644
--- a/ansible/roles/faucet/README.md
+++ b/ansible/roles/faucet/README.md
@@ -11,6 +11,7 @@ faucet_account_json: '{"wallet":"json"}'
 faucet_account_pass: 'very-secret-password'
 faucet_network: 'rinkeby-faucet.example.org'
 faucet_domain: 'rinkeby'
+faucet_cors_rule: '.*'
 ```
 
 # API
diff --git a/ansible/roles/faucet/defaults/main.yml b/ansible/roles/faucet/defaults/main.yml
index 1c990db..5968e34 100644
--- a/ansible/roles/faucet/defaults/main.yml
+++ b/ansible/roles/faucet/defaults/main.yml
@@ -4,6 +4,7 @@ faucet_account_addr: ~
 faucet_account_json: ~
 faucet_domain: ~
 faucet_network: ~
+faucet_cors_rule: ~
 
 faucet_cont_tag: 'fixed'
 faucet_cont_image: 'statusteam/faucet:{{ faucet_cont_tag }}'
diff --git a/ansible/roles/faucet/templates/cors-setup.conf.j2 b/ansible/roles/faucet/templates/cors-setup.conf.j2
new file mode 100644
index 0000000..06453c1
--- /dev/null
+++ b/ansible/roles/faucet/templates/cors-setup.conf.j2
@@ -0,0 +1,10 @@
+        # This enables CORS for all status.im subdomains
+        if ($http_origin ~* '{{ faucet_cors_rule | mandatory }}') {
+            add_header 'Access-Control-Allow-Origin' "$http_origin";
+            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
+            add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
+            add_header 'Access-Control-Allow-Credentials' 'true';
+        }
+        if ($request_method = OPTIONS) {
+            return 204;
+        }
diff --git a/ansible/roles/faucet/templates/faucet-proxy.conf.j2 b/ansible/roles/faucet/templates/faucet-proxy.conf.j2
index 6c78c4b..8d5602f 100644
--- a/ansible/roles/faucet/templates/faucet-proxy.conf.j2
+++ b/ansible/roles/faucet/templates/faucet-proxy.conf.j2
@@ -14,5 +14,8 @@ server {
 
     location / {
         proxy_pass http://127.0.0.1:{{ faucet_http_port }}/;
+
+        {% include "cors-setup.conf.j2" %}
+
     }
 }