DEV Community 👩‍💻👨‍💻

Bruce Axtens
Bruce Axtens

Posted on

Now need help setting up a reverse proxy in IIS

You can find the original over on serverfault but I'm pasting the question in here as well just in case.

So the scenario we have in mind is as follows.

We have an IFRAME. Said IFRAME wants to point to a resource on It might be, for example, However, despite all our requests to, they refuse to allow us to link directly to their site, blocking the cross-origin request.

So we decide we want to set up a reverse-proxy. We've heard about nginx and apache but we've got a corporate commitment to Microsoft's technology, for better or worse, so decide in favour of IIS.

Using one of our Azure servers, we create a website, let's call it We configure the IFRAMEs so that a request to actually goes to

At this point we go slightly insane.

Is it actually possible for the request to be converted, on the server, to a request for and for the response to that to be fed back to the originator of the IFRAME request?

We've done a lot of searching and we keep finding things that almost work. What actually does work? Is IIS's Url Rewrite the thing to use, and if so, what should the rule/s look like? Or should we be using some C#-y thing instead?

Top comments (3)

gpproton profile image
bit Overloader

Have you tried a url rewrite wildcard with source specified like{R:0} and ensure TLS 1.3 is fully supported.

I think it's bizarre that there'll be so much issues with it although I don't know the whole issues.

bugmagnet profile image
Bruce Axtens Author

This is, by the way, me trying to find an IIS-based approach. We got a contractor to figure out how to do it in nginx but he only got as far as the server-to-third-party part and couldn't tell us how to do the browser-to-server part. This serverfault posting is me trying to find out what to do next. I got given a pointer but it assumed more knowledge than I actually have.

bugmagnet profile image
Bruce Axtens Author • Edited on

I have tried a number of things like that, but without good results. I'm having a I-just-don't-get-it moment which I'm hoping will pass soon. I finally understood outbound rules this morning. I'm hoping for that understanding of inbound rules will follow soon.

For example a (redacted) error

Requested URL      http://our.server:80/third/third/third/third/third/third/third/third/third/third/third/third/au/mz
Physical Path      C:\web\projects\third\third\third\third\third\third\third\third\third\third\third\third\au\mz

I don't want it to resolve to a physical path. I want it to resolve to a third party site. And what's with all the third repeats? The original request was http://our.server:80/third/au/mx which I want to resolve to

And then there's all the links to the thirdparty that will need to get rewritten as links to our.server ... but that's another story.

🌚 Browsing with dark mode makes you a better developer.

It's a scientific fact.