diff --git a/nginx.conf b/nginx.conf
index 3649b1b..2a768a4 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -1,6 +1,8 @@
 server {
     listen 80;
     server_name localhost;
+    root /usr/share/nginx/html;
+    index index.html;
     
     # Enable gzip compression
     gzip on;
@@ -12,7 +14,12 @@ server {
         include /etc/nginx/auth.conf;
         
         # Serve static files
-        try_files $uri $uri/ /index.html;
+        try_files $uri $uri/ =404;
+        
+        # CORS headers
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;
         
         # Handle preflight requests
         if ($request_method = 'OPTIONS') {
@@ -25,6 +32,17 @@ server {
             return 204;
         }
     }
+    
+    # Special location for index.html to avoid redirection loops
+    location = /index.html {
+        # Include authentication configuration
+        include /etc/nginx/auth.conf;
+        
+        # CORS headers
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;
+    }
 
     # Proxy requests to the data API
     location /data/ {