diff --git a/cmd/edge-admin/main.go b/cmd/edge-admin/main.go
index bfb0242d..20bcaf60 100644
--- a/cmd/edge-admin/main.go
+++ b/cmd/edge-admin/main.go
@@ -41,7 +41,8 @@ func main() {
 		Option("dev", "switch to 'dev' mode").
 		Option("prod", "switch to 'prod' mode").
 		Option("upgrade [--url=URL]", "upgrade from official site or an url").
-		Option("install-local-node", "install a local node")
+		Option("install-local-node", "install a local node").
+		Option("security.reset", "reset security config")
 
 	app.On("daemon", func() {
 		nodes.NewAdminNode().Daemon()
@@ -179,6 +180,17 @@ func main() {
 		log.Println("restarting ...")
 		app.RunRestart()
 	})
+	app.On("security.reset", func() {
+		var sock = gosock.NewTmpSock(teaconst.ProcessName)
+		if !sock.IsListening() {
+			fmt.Println("[ERROR]the service not started yet, you should start the service first")
+			return
+		}
+		_, _ = sock.Send(&gosock.Command{
+			Code: "security.reset",
+		})
+		fmt.Println("ok")
+	})
 	app.Run(func() {
 		var adminNode = nodes.NewAdminNode()
 		adminNode.Run()
diff --git a/internal/configloaders/security_config.go b/internal/configloaders/security_config.go
index cadc00a4..e0b9ef4e 100644
--- a/internal/configloaders/security_config.go
+++ b/internal/configloaders/security_config.go
@@ -79,7 +79,7 @@ func loadSecurityConfig() (*systemconfigs.SecurityConfig, error) {
 		return nil, err
 	}
 	if len(resp.ValueJSON) == 0 {
-		sharedSecurityConfig = defaultSecurityConfig()
+		sharedSecurityConfig = NewSecurityConfig()
 		return sharedSecurityConfig, nil
 	}
 
@@ -94,7 +94,7 @@ func loadSecurityConfig() (*systemconfigs.SecurityConfig, error) {
 	err = json.Unmarshal(resp.ValueJSON, config)
 	if err != nil {
 		logs.Println("[SECURITY_MANAGER]" + err.Error())
-		sharedSecurityConfig = defaultSecurityConfig()
+		sharedSecurityConfig = NewSecurityConfig()
 		return sharedSecurityConfig, nil
 	}
 	err = config.Init()
@@ -105,7 +105,8 @@ func loadSecurityConfig() (*systemconfigs.SecurityConfig, error) {
 	return sharedSecurityConfig, nil
 }
 
-func defaultSecurityConfig() *systemconfigs.SecurityConfig {
+// NewSecurityConfig create new security config
+func NewSecurityConfig() *systemconfigs.SecurityConfig {
 	return &systemconfigs.SecurityConfig{
 		Frame:                  FrameSameOrigin,
 		AllowLocal:             true,
diff --git a/internal/nodes/admin_node.go b/internal/nodes/admin_node.go
index 5ef66da7..14569e9d 100644
--- a/internal/nodes/admin_node.go
+++ b/internal/nodes/admin_node.go
@@ -3,6 +3,7 @@ package nodes
 import (
 	"errors"
 	"fmt"
+	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
 	"github.com/TeaOSLab/EdgeAdmin/internal/configs"
 	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
 	"github.com/TeaOSLab/EdgeAdmin/internal/events"
@@ -406,6 +407,10 @@ func (this *AdminNode) listenSock() error {
 			case "prod": // 切换到prod
 				Tea.Env = Tea.EnvProd
 				_ = cmd.ReplyOk()
+			case "security.reset":
+				var newConfig = configloaders.NewSecurityConfig()
+				_ = configloaders.UpdateSecurityConfig(newConfig)
+				_ = cmd.ReplyOk()
 			}
 		})