diff --git a/backend/streetdrop-api/src/main/java/com/depromeet/security/config/WebSecurityConfig.java b/backend/streetdrop-api/src/main/java/com/depromeet/security/config/WebSecurityConfig.java
index 8c54d183..d2b6a4f9 100644
--- a/backend/streetdrop-api/src/main/java/com/depromeet/security/config/WebSecurityConfig.java
+++ b/backend/streetdrop-api/src/main/java/com/depromeet/security/config/WebSecurityConfig.java
@@ -14,8 +14,6 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
-import static org.springframework.http.HttpMethod.POST;
-
 @Configuration
 @EnableWebSecurity
 @RequiredArgsConstructor
@@ -31,11 +29,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .and().csrf().disable()
                 .authorizeHttpRequests()
                 .requestMatchers("/users/*").authenticated()
-                .requestMatchers(HttpMethod.POST, "/items").authenticated()
+                .requestMatchers(HttpMethod.POST, "/items/*").authenticated()
                 .requestMatchers(HttpMethod.PATCH, "/items/*").authenticated()
                 .requestMatchers(HttpMethod.DELETE, "/items/*").authenticated()
-                .requestMatchers("/items/*/likes", "/items/*/unlikes").authenticated()
-                .requestMatchers(POST, "items/claim").authenticated()
                 .anyRequest().permitAll().and()
                 .anonymous().and()
                 .formLogin().disable()