To allow internet clients to connect to your internal web server, change the Source to ‘Standard networks → Any’. (you have ‘Firewall’ in your screenshot).
Once it works you can tighten down the allowed internet clients by using Firewall Groups (location, hosts, networks) instead of Any.
Then in your port forward rule:
Under Protocol, do not specify a source port (you have 80 in your screenshot). That will not work.
Source ports are usually random high ports chosen by the client (never 80).
Only the Destination Port 80 needs to be set which will forward port 80 from external to internal.
If you want to forward a different external port eg: external 8080 to internal 80 set it in the External Port (NAT).