We typically use Application Request Routing (ARR) module to host a reverse proxy on IIS. Azure App Service is also using IIS as it's gateway, which should work for reverse proxy, but it won't work by default. Let's see how can we enable ARR on Azure App Service.

The Experiment

I have https://dropdatabase.run/ domain, and I want to reverse proxy https://996.icu/ under https://dropdatabase.run/996. So I created a web.config file under wwwroot folder.

<?xml version="1.0" encoding="UTF-8"?>
        <rule name="996" stopProcessing="false">
          <match url="996(.*)" />
          <action type="Rewrite" url="https://996.icu/{R:1}" appendQueryString="true" logRewrittenUrl="false" />
		<rule name="996js" stopProcessing="false">
          <match url="js/(.*)" />
          <action type="Rewrite" url="https://996.icu/js/{R:1}" appendQueryString="true" logRewrittenUrl="false" />
        <add name="strict-transport-security" value="max-age=15552001; includeSubDomains; preload" />

It works on my local machine, but on Azure App Service, it went 404.

The web.config is correct, but it won't work because Azure App Service doesn't by default enable the ARR module although it is preinstalled.

The Solution

Let's do some magic that you won't easily find on Microsoft document. To enable ARR on Azure App Service, you need to create an xdt file and upload to your site directory.

Go to Advanced Tools on your website's management blade.

Go to Debug console, CMD or PowerShell

Enter site directory

Click + New file

Enter the magic filename applicationHost.xdt and click the pen icon for editing it's content

Copy the following content and save the file

<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
    <proxy xdt:Transform="InsertIfMissing" enabled="true" preserveHostHeader="false" reverseRewriteHostInResponseHeaders="false" />

Go back to Azure App Service and restart your website

The ARR will be enabled after the website restarts, and our reverse proxy works as expected now