Tutorial | Open edX Nutmeg with Tutor 14 on Ubuntu 20 and disabling rate limiting step by step

Hi,

I am new to Open edX and wanted to disable CORS (i.e. set CORS_ORIGIN_ALLOW_ALL to true) on my server to have smooth API access. I was not being able to access the APIs from Postman. Below are the logs for a request from postman which was getting errors :

lms_1                        | 2022-06-10 10:39:19,654 INFO 7 [tracking] [user 63] [ip 49.36.81.222] logger.py:41 - {"name": "/account/password", "context": {"user_id": 63, "path": "/account/password", "course_id": "", "org_id": "", "enterprise_uuid": ""}, "username": "apitestishan", "session": "14edc7bf2d30f64dc815fb969bc63f3e", "ip": "49.36.81.222", "agent": "PostmanRuntime/7.29.0", "host": "subdomain.domain.com", "referer": "https://subdomain.domain.com", "accept_language": "", "event": "{\"GET\": {}, \"POST\": {\"email\": [\"ishansheth@test.io\"]}}", "time": "2022-06-10T10:39:19.653930+00:00", "event_type": "/account/password", "event_source": "server", "page": null}

lms_1                        | 2022-06-10 10:39:19,673 INFO 7 [openedx.core.djangoapps.cors_csrf.helpers] [user 63] [ip 49.36.81.222] helpers.py:64 - Origin 'https://subdomain.domain.com' was not in `CORS_ORIGIN_WHITELIST`; full referer was 'https://subdomain.domain.com' and requested host was 'subdomain.domain.com'; CORS_ORIGIN_ALLOW_ALL=False

lms_1                        | 2022-06-10 10:39:19,677 WARNING 7 [django.security.csrf] [user 63] [ip 49.36.81.222] log.py:224 - Forbidden (CSRF token missing or incorrect.): /account/password

caddy_1                      | {"level":"error","ts":1654857559.6865408,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"49.36.81.222:51116","proto":"HTTP/1.1","method":"POST","host":"subdomain.domain.com","uri":"/account/password","tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","proto_mutual":true,"server_name":"subdomain.domain.com"}},"user_id":"","duration":0.050697593,"size":1019,"status":403}

lms_1                        | [pid: 7|app: 0|req: 213/483] 172.18.0.9 () {54 vars in 2687 bytes} [Fri Jun 10 10:39:19 2022] POST /account/password => generated 1019 bytes in 50 msecs (HTTP/1.1 403) 6 headers in 328 bytes (1 switches on core 0)

I looked around but solutions didn’t seem to work out, one of them did work out and then I wrote a post about it and published it with screenshots on my blog at
https://imsheth.com/posts/tags/tech/openedx-nutmeg-tutor14.

This post is focused on how to setup Open edX Nutmeg with Tutor 14 on Ubuntu 20. Hope it helps the community.