1

I am writing an app using asp.net mvc that right now runs against microsoft's kestrel server. It works fine, and I pass values to it at startup using a hosting.json file defined as follows;

{
    "server": "Microsoft.AspNet.Server.Kestrel",
    "server.urls": "http://localhost:5000;https://localhost:5001"
}

Is there any way to give the "server" a name, so that it isn't always reporting as localhost or undefined all the time?

Ciel
  • 4,290
  • 8
  • 51
  • 110

1 Answers1

-1

Please replace localhost with *. This will give the below benefits:

  1. If you give localhost, you can access the application only through http://localhost:5000 and not using IP [http://192.168.1.2:5000, an example]. By using *, you can access through the IP.
  2. You can connect to the server from other PCs or Mobile Devices.

A few days back, I had the same requirements as yours and got the solution from: docs.asp.net. [The Comments section is hidden by default. Please click Show Comments and search for localhost.]

Tip 1: To view the application from a mobile device, please check: Viewing localhost website from mobile device.

Tip 2: My question and answer has been posted here: Compiling an ASP.NET 5 Web Application and generating DLL files.

Community
  • 1
  • 1
Bala Sakthis
  • 664
  • 1
  • 8
  • 20
  • 1
    You should note that changing the kestrel URL to * is a bad idea security wise. You have now exposed Kestrel to direct connections, rather than protecting it behind IIS. The ASP.NET team does *not* recommend this. Keep Kestrel listening on localhost and allow IIS to be the exposed listener. – blowdart Feb 29 '16 at 14:08
  • @blowdart, I got the problem with * approach and I have updated my code. Thanks! for your inputs. "Keep Kestrel listening on localhost and allow IIS to be the exposed listener.". But, Kestrel runs independent of IIS, right? What will happen if I am completely dependent on Kestrel and not any other Web Servers? – Bala Sakthis Feb 29 '16 at 16:00
  • 1
    The asp.net team advice is never expose kestrel directly. Always put it behind something. No exceptions. – blowdart Feb 29 '16 at 17:44
  • Well. I'm at an impasse. This answer did tell me how to accomplish what I asked, but it's being treated as a pretty horrible practice, so I don't know what to do. – Ciel Mar 06 '16 at 23:51
  • Hey @blowdart, look what Stephen Halter from the ASP.Net team is saying here https://github.com/aspnet/Docs/issues/926 In my case, we don't have any luxury of putting things behind IIS. Which way to go? – Yogiraj Jun 28 '16 at 19:24
  • My advice still stands. If it helps, I'm the security person on the ASP.NET team. – blowdart Jun 28 '16 at 19:38