Hi, I am not quite sure this is your problem, you should indicate that the IP address of the proxy server is trusted. Go to the IWS server, navigate to Server Properties -> Properties, select the Ports tab, and in the second table should be a list of Trusted HTTP proxy server IP addresses. You can either specify splat (*), which means all HTTP server can forward requests (generally not recommended), or specify a list of IP addresses.
------------------------------
Nadir K Amra
------------------------------
Original Message:
Sent: Fri March 15, 2024 09:54 PM
From: Peter Vazny
Subject: IWS behind a reverse proxe returning 403 for POST request when the external port does not match internal port
We have a reverse proxy at front of IWS. Requests work OK as long as they are GET, but for POST request we are getting 403 response. This only happens if the external port does not match the internal port. For example if the web server on IWS is set up on port 8080 and the external port is plain HTTPS 443, then any POST request will result in 403. If we match the external port and set it to 8080, everything works as expected. I also found that this is purely based on the referer header. If I add the internal port to the referer header, things start working. However I would like to avoid that. I am unable to find out what setting or policy is causing this.
Edit: CORS is not explicitly enabled anywhere I can find.
------------------------------
Peter Vazny
------------------------------