diff --git a/src/main/java/com/oronaminc/join/global/exception/ErrorCode.java b/src/main/java/com/oronaminc/join/global/exception/ErrorCode.java
index 865658b..e710928 100644
--- a/src/main/java/com/oronaminc/join/global/exception/ErrorCode.java
+++ b/src/main/java/com/oronaminc/join/global/exception/ErrorCode.java
@@ -29,7 +29,7 @@ public enum ErrorCode {
 UNAUTHORIZED_UPDATE_AND_DELETE("PARTICIPANT-003", "발표방 수정 및 삭제 권한이 없습니다.", UNAUTHORIZED),
 UNAUTHORIZED_REPORT_READ("PARTICIPANT-004", "결과 리포트 조회 권한이 없습니다.", UNAUTHORIZED),
 UNAUTHORIZED_LIMIT_PARTICIPANT("PARTICIPANT-005", "인원이 가득 차 참가할 수 없습니다.", UNAUTHORIZED),
- UNAUTHORIZED_NOT_JOIN_ROOM("PARTICIPANT-005", "발표방에 참여하지 않았습니다. 먼저 참여해주세요.", UNAUTHORIZED),
+ UNAUTHORIZED_NOT_JOIN_ROOM("PARTICIPANT-006", "발표방에 참여하지 않았습니다. 먼저 참여해주세요.", UNAUTHORIZED),
 FILE_UPLOAD_FAILED("FILE-001", "파일 업로드에 실패하였습니다.", INTERNAL_SERVER_ERROR),
 NOT_FOUND_FILE("FILE-002", "존재하지 않는 파일입니다.", NOT_FOUND),
diff --git a/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java b/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
index 8332001..87f65f1 100644
--- a/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
+++ b/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
@@ -30,12 +30,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .csrf(csrf -> csrf.disable())
 .cors(cors -> cors.configurationSource(corsConfigurationSource()))
 .authorizeHttpRequests(auth -> auth
- .requestMatchers(
- "/api/auth/guest",
- "/api/auth/kakao",
- "/login"
- )
- .anonymous()
+ // .requestMatchers(
+ // "/api/auth/guest",
+ // "/api/auth/kakao",
+ // "/login"
+ // )
+ // .anonymous()
 .requestMatchers(
 "/swagger-ui/**",
 "/swagger-resources/**",
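Review bot: The six `+ //` lines in the first SecurityConfig hunk keep the old `.anonymous()` rule in the file as commented-out code; they should be deleted, since the same three paths are re-added to the `permitAll()` list in the next hunk and version control already holds the history. The move is also a behaviour change rather than a tidy-up: `.anonymous()` turned away callers who were already authenticated, while `permitAll()` lets them through, so `/api/auth/guest` and `/api/auth/kakao` can now be called with a live session. If that is the intent, a comment above the list such as `// login endpoints are permitAll so a signed-in user can re-authenticate` would record it, and the handlers (not visible in this diff) should replace the existing session or token rather than stack a second identity on top of it. The `filterChain` body starts and ends outside this hunk.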
@@ -44,11 +44,14 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 "/login/oauth2/code/kakao",
 "/api/auth/logout",
 "/dev/**",
- "/ws/**"
+ "/ws/**",
+ "/api/auth/guest",
+ "/api/auth/kakao",
+ "/login"
 )
 .permitAll()
- .requestMatchers("/ws/**").permitAll()
- .anyRequest().authenticated()
+ .anyRequest()
+ .authenticated()
 )
 .formLogin(AbstractHttpConfigurer::disable)
 .oauth2Login(oauth2 -> oauth2.userInfoEndpoint(userInfo -> userInfo
@@ -62,7 +65,7 @@ public CorsConfigurationSource corsConfigurationSource() {
 CorsConfiguration configuration = new CorsConfiguration();
 configuration.setAllowCredentials(true);
 configuration.setAllowedOriginPatterns(List.of("*"));
- configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+ configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
 configuration.setAllowedHeaders(List.of("*"));
 UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
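Review bot: The `permitAll()` list extended in the `@@ -44,11 +44,14 @@` hunk still carries `/dev/**` and `/ws/**`, so everything under those prefixes is reachable without authentication wherever this filter chain is active. If `/dev/**` is development tooling, as the name suggests, it belongs behind a profile-specific configuration, and with the `/ws/**` handshake open the room-membership check has to be enforced at the messaging layer, which this diff does not show. A comment above the list such as `// public endpoints only: every entry here must be safe for an unauthenticated caller` would make each future addition a deliberate decision. The matcher list begins above the hunk.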
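Review bot: In the `@@ -62,7 +65,7 @@` hunk, adding `PATCH` widens a CORS policy that already pairs `setAllowCredentials(true)` with `setAllowedOriginPatterns(List.of("*"))`, a combination that echoes back whatever Origin the browser sends and therefore permits credentialed cross-origin requests from any site. With `csrf.disable()` in the same chain, nothing else separates a third-party page from a state-changing request if authentication travels in cookies (the auth transport is not visible in this diff). The wildcard should be replaced by the known front-end origins, for example `configuration.setAllowedOriginPatterns(allowedOrigins);` where `allowedOrigins` is a placeholder name for a list injected from configuration. `corsConfigurationSource()` continues past the end of the hunk.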