Securing an ASP.NET Core App on Ubuntu Using Nginx and Docker (Part I)

Typically, when you develop with ASP.NET you have the luxury of IIS Express taking care of SSL and hosting, however IIS and IIS Express are exclusive to the Windows platform. ASP.NET Core 1.0 has decoupled the web server from the environment that hosts the application. This is great news for cross-platform developers since web servers other than IIS such as Apache and Nginx may be set up on Linux and Mac machines. Securing ASP.NET Core App on Ubuntu Using Nginx and Docker Part 1.png

This tutorial involves using Nginx as the web server to host a dockerized .NET Core web application with SSL Termination on a Ubuntu machine. In this three-part tutorial, I’ll guide you in:

Part I (This post)  1. Creating and publishing an ASP.NET Core web app using the new dotnet CLI tools and 2. Installing and configuring PuTTY so we may SSH and transfer files with our Ubuntu machine

Part II – Setting up Docker and creating a Docker Image on Ubuntu 16.04

Part III – 1. Configuring Nginx for SSL termination and 2. Building and Running the Docker Image.


  • Install Ubuntu 16.04 on a domain joined machine or VM
  • On the Windows machine:

Step 1: Create and publish a simple ASP.NET Core MVC “Hello World” app

This can be accomplished by firing up Visual Studio and creating a new ASP.NET Core MVC Web Application. Instead of using Visual Studio, I will show you how it’s done via the dotnet command line interface (CLI). If you haven’t already, you must install the dotnet CLI tools. We will use dotnet new to create a new project, dotnet restore to restore any missing NuGet packages, and dotnet publish to publish the app to a self-containing folder. 

Open an instance of Windows CMD or alternatively you may use Powershell. Navigate to the directory you would like to create the dotnet application.

The following lines of code will navigate to the c: directory, create a folder called NetApp, go into this folder, and create a new dotnet Hello World project.

cd c:
mkdir NetApp
cd NetApp
dotnet new

Now that we’ve created the default .NET Core Hello World project, we must make some changes to the “project.json” file. The “project.json” file contains a list of all the libraries, NuGet packages, and references that the project needs. It also has a section “publishOptions” that delegates which files to include in the published application. By default, the “publishOptions” does not include the Controllers folder, Startup.cs, and Program.cs, which are necessary to running a self-contained application. Locate and modify the “publishOptions” as I have:

"publishOptions": { 
  "include": [ 
"publishOptions": { 
  "include": [ 
Let’s use the “dotnet restore” command to restore any NuGet packages that are referenced in the default “project.json” file. 
dotnet restore

The “dotnet publish” command packs the application and all of its dependencies into a folder ready for publishing. As mentioned earlier, the publish tool obtains information from the “project.json” file and uses it to identify the dependencies as well as files to include while publishing.

Using the publish tool results in a portable application as well as a self-contained application and if no output directory is specified it will output the files within the project directory at: ./bin/[configuration]/[framework]/publish/

dotnet publish

Now in our c:NetAppbinDebugnetcoreapp1.0publish

Now that we have a self-contained application, we may copy it over to Ubuntu using PSCP.

Step 2: Obtain IP Addresses of the Ubuntu machine.

Before we can do anything, we need the IP address of the guest (Ubuntu) machine so we may use SSH to send commands and files.

To do this, simply type /sbin/ifconfig. Depending on your environment and how many network adapters you have configured your results may vary.

My Ubuntu IP Address is

Now that we have the IP address of the Ubuntu machine we may utilize PuTTY to SSH and copy files.

Step 3: Configure PuTTY and PSCP to transfer files to your guest Ubuntu machine

PuTTY is an SSH and telnet client developed for the Windows platform. {{cta(‘d173b5b6-18d9-4d5d-9383-d06f0cfdfa78′,’justifyright’)}}We may use PuTTY to SSH into Ubuntu and send commands.

We will also use PSCP, the PuTTY Secure Copy Client, to transfer files securely over SSH. Download PuTTY and PSCP if you have not already. If you are an adept Linux user and wish to use another means to transfer files, you may skip to Part II.

Before we can run PuTTY, we must install (on Ubuntu) openssh-server to enable SSH:

sudo apt-get update && sudo apt-get install openssh-server

Run putty.exe and enter the IP Address of the Ubuntu Machine. The Port and connection type should remain as 22 and SSH. For your convenience, you may give a name to the session and save it to skip putting in the IP every time. Since my Ubuntu machine is this is what I will provide to PuTTY:

PuTTy Configuration for IP address of Ubuntu Machine Technical blog post by Majed Ayoub at Easy Dynamics

Now that we have PuTTY and PSCP set up, we may begin setting things up on Ubuntu comfortably from your Windows machine.

Step 4: Using PuTTY and PSCP to copy the Self-contained app

Fire up an SSH session in PuTTY.

In PuTTY, create a temp folder to hold the self-contained application.

mkdir ~/temp/

Since my username is “mayoub,” I could have also done mkdir /home/mayoub/temp

Prepare to copy the published folder to the Ubuntu machine.

Run CMD on your Windows machine, navigate to the directory where you installed PSCP.exe. 

Since you will need sudo (superuser permissions) to copy the contents of your project to the web root, we will first copy the files to the temporary folder in /home/<user>/temp or ~/temp for short.

Copy the contents of the published folder to the newly created temp folder using PSCP.

pscp -r C:<location of project>* <username><user>/temp

For example, I would do:

pscp -r C:dotnet_project* mayoub@

NOTE: The asterisk ‘*’ following the directory denotes we want to copy all of the contents and “-r” tells pscp to include all sub directories.

Create the web root and copy the contents to your web root. (Ubuntu)

sudo mkdir -p /etc/netcore/mySecureApp/

NOTE: p following mkdir tells mkdir to create any intermediary folders if they do not exist.

sudo cp -R ~/temp/. /etc/netcore/mySecureApp/

NOTE: R following cp tells cp to copy the files recursively. the trailing period after /temp/. copies all files in the directory.

The Wrap-Up

In Part II, I will discuss setting up Docker and containerizing the .NET Core App that we’ve just copied over to Ubuntu.

What other tips and tricks have you used while securing an ASP.NET Core App? Share your wisdom with us in a comment below!

Found this blog post useful? Make yourself comfortable and check out our blog home page to explore other technologies we use on a daily basis and the fixes we’ve solved in our day to day work. To make your life easier, subscribe to our blog to get instant updates sent straight to your inbox:



Leave a Comment

Easy Dynamics Login