How to configure ASP.NET Core apps on Uberspace 7

If you're developing web apps using ASP.NET Core like I do, you'll sooner or later want to publish them. Of course, you could use Azure for this task, but for me, that was rather expensive. I mean, ~45€ for the Basic plan, seriously?

So, I looked further. This blog is hosted on Uberspace, a German hosting provider. My experience with them is – simply said – awesome. Fast and kind support, fair prices (actually, they use a pay-what-you-want-model!), there's simply nothing to worry about.

And of course, they support it. So, I run my app and almost everything worked. Almost? Yep, there was just one thing, which wasn't working. The authentication middleware. So I searched through the docs and found a section specific for configuring ASP.NET Core to work behind Apache as reverse proxy.

Create a configuration file, named helloapp.conf, for the app:

Bummer! We can only use .htaccess files on Uberspace.

The solution

There are two steps that need to be done in order to work as expected.

Configure your application

As stated in the docs, you should install the Microsoft.AspNetCore.HttpOverrides NuGet package. I'm not going into the details here, in this post, I'm just showing the differences.

Instead of using just the X-Forwarded-For and X-Forwarded-Proto headers, you want to use all. So instead of:

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});

you should write:

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.All
});

That is everything in preparation of your application. Now it comes to the .htaccess.

.htaccess

Well, we can't create a .conf file for our application. But we can create .htaccess files. And this allows us to set the headers manually, so we add the specific headers a new .htaccess. As stated in the Uberspace manual, this should be done on your DocumentRoot. In the end, we need to add three headers to our .htaccess:

RequestHeader set "X-Forwarded-Proto" https
RequestHeader set "X-Forwarded-For" 127.0.0.1
RequestHeader set "X-Forwarded-Host" jlnostr.de

Each line adds the specific header to the request. We can hardcode the values, 'cause they won't be different on each request. While you can copy & paste the first two lines, you need to modify the third line to use your specific hostname. In my case that would be jlnostr.de.
In total, your .htaccess can look like this:

RewriteEngine On
RequestHeader set "X-Forwarded-Proto" https
RequestHeader set "X-Forwarded-For" 127.0.0.1
RequestHeader set "X-Forwarded-Host" jlnostr.de
RewriteRule ^(.*) http://localhost:63343/$1 [P]
DirectoryIndex disabled

After that, everything should work as expected! 🎉