If I host my Kestrel-based ASP.NET Core website with UseIISIntegration behind IIS, should the Server response header still say that I'm using Kestrel? Because it seems that it is:
Is it a correct behavior?
Short answer: Yes, it should still report the application as hosted by Kestrel.
When you use IIS to host an ASP.NET Core application, you're really using IIS as a reverse proxy to Kestrel. This is the approach recommended by the documentation:
If you intend to deploy your application on a Windows server, you should run IIS as a reverse proxy server that manages and proxies requests to Kestrel.
An incoming request will be handled first by IIS, and then passed on to Kestrel, like this:
Web -> IIS -> ASP.NET Core module -> Kestrel
So it's still accurate to say that Kestrel is the server handling the request. IIS is just sitting in front, helping Kestrel deal with the incoming traffic. You can check whether the site has been set up and assigned to an app pool in the IIS Manager if you want to determine whether it's using IIS (which should be the default).
Not exactly the answer to the question, but since Google gave me this related answer to my question it might help some people:
To remove this "server" header, an option has been added to the Kestrel Startup Options, so in program.cs you can remove it by adding the following option:
.UseKestrel(o => { o.AddServerHeader = false; })
Documentation (quite poor)
Related
I have a website on blazor server that will need to scale in the future i.e. there will be several servers. How to do balancing on blazor server using Nginx? In this case, it is necessary that the session is also saved, i.e. did not throw out in case of turning off one of the servers.
Microsoft describes how to load-balance on Linux using NGINX on the following page:
ASP.NET Core SignalR hosting and scaling
I have on-prem TFS within a small domain that we RDP into. Development machines are in this domain/enclave as well. Prior to the most recent TFS upgrade, we were able to connect Visual Studio to TFS and browse the TFS web UI using HTTP only within the enclave. We could also use HTTPS from outside the enclave (no http) to access the web UI. With the latest upgrade, I have mirrored the IIS authentication, SSL and binding configurations but now pointing a browser or Visual Studio at the HTTP only address always redirects to the HTTPS address and forces the SSL login. This is a problem for us because we use a large enterprise PKI infrastructure (access cards, non-local services, etc) that is very flaky: constantly dropping the Visual Studio connection to TFS and asking for PIN re-entry every 2 - 3 minutes. How can I stop the http address from re-directing to https all the time in our enclave? Is TFS doing this now? or IIS?
Since TFS2017 server changed the Authentication from NTLM to KERBEROS by default. You could use the following command to use NTLM back:
TFSConfig Authentication /provider:NTLM
And please try to create a new DNS, then check the result again.
If you want to remove Https, you should change the "Public URL" to http in TFS administration console, removed the HTTPS bindings from IIS.
If above is not work, try to uninstall and re-install the Application Tire and choose the http only option.
For more details take a look at this similar question: TFS 2018 - remove HTTPS
Got it. Found this article describing the redirect behavior from the URL. Long story short-> In IIS, select the TFS under Sites, then Application Settings, setting name sslOnly was set to true. Changed to false. Now I can access the TFS portal from inside the enclave using http OR https and from outside using https only. This means that VS can also connect to TFS via http only.
I am hosting a handler inside of a IIS web application. Is this a good solution ? Or Should I Hosting a handler in windows service application ? Which solution is better? What is recommended and what is more performance ?
I use SqlTransport in my configuration.
There are many factors that can effect how you choose to host your endpoint(s). For example
How you want to scale your site / handlers
What permissions can be granted to your web site process
How an IIS reset can effect your handling code
But in general... Host the bus in both the Web Application and a Windows service.
The web application handles incoming http requests, translates those requests to messages and places them on the bus via a Send.
The Windows service takes message off the bus and does the actual handling/business processing.
Some useful links that may guide you to the best solution for you circumstance
Hosting documentation http://docs.particular.net/nservicebus/hosting/ which contains some information on hosting in a web application
Windows Service Hosting http://docs.particular.net/nservicebus/hosting/windows-service
A showcase sample that uses a similar design as i described above http://docs.particular.net/samples/show-case/on-premise/
Web related samples http://docs.particular.net/samples/web/
Implications of Publishing from Web Applications http://docs.particular.net/nservicebus/hosting/publishing-from-web-applications
If you need to send messages from your web application then the only solution is to host NServiceBus in IIS, With IIS you shouldn't be publishing events from IIS.
Take a look here for more details
HTH
I am using Apache HTTP server as a web server in front of WebLogic Application Server. I've integrated these two using mod_wl_22.so plug-in with some configuration in httpd.conf file - now I can access an application deployed on WebLogic Application Server using Apache HTTP Server URL, in other words, the actual URL (WebLogic Application Server URL) to access application localhost:7001/testproj/index.html can be accessed with localhost/testproj/index.html URL (Apache HTTP Server URL) also.
The requirement now is to configure a custom filter (or something), preferably in Java, in Apache HTTP Server so I can modify "form post data" before sending it to WebLogic Application Server. I didn't find any example/help regarding this as of now while googling.
Please let me know if anyone has done this before.
Thanks.
After googling I now have a feeling that Java is not supported in Apache HTTP Server hence I can't write filter (or servlet) in Java. Is this true?
I also found that mod_perl can help me with this problem.
So far I've been successfully using fiddler to sniff web service traffic from both test fixtures, console apps and web projects.
Today I noticed I am not able anymore to sniff that kind of traffic if I am running my web application (it's a ASP.NET website, hosted locally on IIS). I see all the local traffic but the web service traffic is just gone (the service is being hit as I do see the response debugging into the code).
I am still able to successfully sniff soap requests and responses from test fixtures or console apps in the same solution (exact same environment).
If it was a windows (I am on Win7) security update or the likes it would never work I guess (unless it affects only traffic routed through IIS).
What should I be looking for that could cause the emergence this behavior?
Any pointers appreciated!
NOTE: I can see local traffic, but not the SOAP request/responses to the web service which is not hosted locally anyway (it's a sandbox another team is providing)
EDIT: This bit of configuration did the trick (found on Rick Strahl's blog)
<system.net>
<defaultProxy>
<proxy
usesystemdefault="False"
bypassonlocal="True"
proxyaddress="http://127.0.0.1:8888"/>
</defaultProxy>
</system.net>
What's the client of the web service? ASP.NET?
ASP.NET traffic isn't proxied unless you configure ASP.NET to use a proxy. It's possible/likely that the app.config or machine.config changed such that traffic is no longer getting proxied?
You should have a look at this section: http://www.fiddlerbook.com/fiddler/help/hookup.asp#Q-DOTNET
If you want to view the http traffic between your web site and your web service on your development machine, and don't want to change your machine.config.
One easy solution is to change the Application Pool Identity of your web site to use your own credentials of the current logged on user. This means that your web site will adopt your proxy settings and will now redirect to Fiddler.
Make sure the web service you are calling (from IE) is not http://localhost/yourwebservice
Fiddler will not intercept localhost traffic from IE, use http://machinename/yourwebservice instead.
I ran into this issue a week or so ago. Try this page: http://docs.telerik.com/fiddler/Observe-Traffic/Troubleshooting/NoTrafficToLocalhosthttp://www.fiddler2.com/fiddler/help/hookup.asp#Q-LocalTraffic
The ipv4.fiddler was the part that worked for me. Hope this helps.
You're probably using a port other than 80 for these http requests. I remember setting up a reverse proxy to look at WCF requests I was making on my local machine during dev. Here's the documentation:
http://www.fiddlertool.com/fiddler/help/reverseproxy.asp
Can you try the following -
Try stopping the windows firewall and see what happens
try using firefox and redirecting traffic to fiddler and see what happens