diff --git a/src/main/java/cokr/xit/base/boot/SecurityConfig.java b/src/main/java/cokr/xit/base/boot/SecurityConfig.java
index f058704..ed5d5d4 100644
--- a/src/main/java/cokr/xit/base/boot/SecurityConfig.java
+++ b/src/main/java/cokr/xit/base/boot/SecurityConfig.java
@@ -34,7 +34,7 @@ public class SecurityConfig {
 	@Bean
 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		http.authorizeHttpRequests(conf ->
-				conf.antMatchers("/resources/**", "/login.do", "/logout.do", "/error/*.do").permitAll()
+				conf.antMatchers("/resources/**", "/files/**", "/login.do", "/logout.do", "/error/*.do").permitAll()
 					.antMatchers("/**/*.do").access(authorizationManager())
 					.anyRequest().authenticated()
 			)