IIS Reverse Proxy for SCM-Manager

Good morning,

I installed SCM-Manager in a Docker Stack Compose container hosted on a Windows Server 2022 machine using WSL. SCM-Manager works correctly when accessed via the localhost:port URL from within the host. I configured a reverse proxy in IIS to redirect requests from localhost to a subdomain of my domain. However, when I try to access SCM-Manager from the internet using the address http://subdomain.mydomain.com, the application hangs on “Loading Plug In information.”

According to the documentation on reverse proxies, I need to configure three headers: X-Forwarded-For, X-Forwarded-Host, and X-Forwarded-Proto. In my IIS reverse proxy, I set these headers with the following server variable values:

• HTTP_X-Forwarded-For: forwardfor
• HTTP_X-Forwarded-Host: 127.0.0.1:8080
• HTTP_X-Forwarded-Proto: http

Despite these settings, the error persists, and I still cannot access the application.

Does anyone have any ideas on what might be misconfigured? Any help will be greatly appreciated.

Thanks in advance.

Gustavo

Hello Gustavo,

do you have access to the configuration of the IIS reverse proxy and may share it?

Hello,
Thanks for your help. Hereby the Reverse Proxy configuration. I configured SCMManager to use port 9060 because other container is already using port 8080:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{CACHE_URL}" pattern="^(https?)://" />
                    </conditions>
                    <action type="Rewrite" url="{C:1}://127.0.0.1:9060/{R:1}" />
                    <serverVariables>
                        <set name="HTTP_X_Forwarded_Host" value="{HTTP_HOST}" />
                        <set name="HTTP_X_Forwarded_Proto" value="http" />
                        <set name="HTTP_X-Forwarded-For" value="forwardfor" />
                    </serverVariables>
                </rule>
            </rules>
        </rewrite>
        <httpErrors errorMode="Detailed" />
    </system.webServer>
</configuration>

Once again, many thanks.
Gustavo

Hi Gustavo,
for me it looks like your IIS is sending the literal value forwardfor in the header. Is this correct? This will not work. If I’m not mistaken, the value should be the address of your reverse proxy (ie. the {HTTP_HOST} or the IP address of your IIS in this case?
Maybe you can try this.
René

Hi Rene,
Thanks for your suggestion. I replaced the value of the HTTP_X-Forwarded-For Header with the value {HTTP_HOST}, then with the IP address of the server, and removed it completely, and it made in fact no matter, the error remains.
In the meantime, I stay experimenting with the situation. I am now able to use HTTS using a subdomain. It seems that you need to insert the “preserveHostHeader=true” option in IIS. Because there is no way to set it in the IIS Manager, you need to open the file “C:\Windows\System32\inetsrv\config\applicationHost.config” and modify the section ‘<proxy preserveHostHeader=“true” … />’ manually, or use the following PowerShell script to do it automatically:

  .\appcmd.exe set config -section:system.webServer/proxy -preserveHostHeader:true /commit:apphost

As said, that makes it possible to use HTTP without errors. But it does not work for HTTPS. In HTTPS the error is back.
I am very puzzled by this situation. There is nothing to see in the SCM-Manager logs in the Docker Container or in the IIS logs that indicates that there is a problem, and you can make it work for HTTP but not for HTTPS.
In summary, if somebody is facing the problem to use IIS Reverse Proxy for SCM-Manager, you need to make the configuration shown earlier, and add the two Headers HTTP_X_Forwarded_Host={HTTP_HOST} and HTTP_X_Forwarded_Proto=http (or https if you are using HTTPS). That will work for HTTP, but not for HTTPS.
If somebody has any ideas, it will be highly appreciated.
Gustavo