You have to figure out what specific request is generating the 403. Look in the IIS logs and/or use a tool to spy on HTTP traffice such as Fiddler.
We recently had a similar problem where we had a proxy which required HTTPS but communicated with the underlying web services using HTTP. The user configured the default web site to require HTTPS which resulted in a 403 error when the proxy attempted to use HTTP.