Asp.Net WebApp Hosting

Install Dependant Packages #

    wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
    sudo dpkg -i packages-microsoft-prod.deb
    rm packages-microsoft-prod.deb
    sudo apt update
    sudo apt install apt-transport-https
    sudo apt install apache2 mysql-server aspnetcore-runtime-5.0 unzip

Apache Configuration #

Enable Proxy Module using the command,

    sudo a2enmod proxy_http

Sample Virtual Host File

    <VirtualHost *:80>
        ProxyPreserveHost On
        ProxyPass / http://127.0.0.1:5000/
        ProxyPassReverse / http://127.0.0.1:5000/
        ServerName app.example.com
        ServerAlias www.app.example.com
        ErrorLog ${APACHE_LOG_DIR}app.example.com-error.log
        CustomLog ${APACHE_LOG_DIR}app.example.com-access.log common
    </VirtualHost>

    <VirtualHost app.example.com:80>
        ServerName app.example.com
        ServerAlias www.app.example.com
        Redirect / https://app.example.com/
    </VirtualHost>

Secure Apache with Let’s Encrypt on Ubuntu 20.04 :
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04

MySql Server Configuration #

Stop the MySQL service:

    sudo service mysql stop

Delete & Recreate the MySQL data directory:

    sudo rm -rf /var/lib/mysql
    sudo mkdir /var/lib/mysql
    sudo chown mysql:mysql /var/lib/mysql
    sudo chmod 700 /var/lib/mysql

Add the following lines to the end of [mysqld] section in /etc/mysql/mysql.conf.d/mysqld.cnf

    lower_case_table_names = 1
    sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'
    performance_schema=OFF

Configure remote access by commenting bind-address and mysqlx-bind-address in /etc/mysql/mysql.conf.d/mysqld.cnf
Re-initialize MySQL with –lower_case_table_names=1:

    sudo mysqld --defaults-file=/etc/mysql/my.cnf --initialize --lower_case_table_names=1 --user=mysql --console

Start the MySQL service:

    sudo service mysql start

Retrieve the new generated password for MySQL user root:

    sudo grep 'temporary password' /var/log/mysql/error.log

Harden MySql using:

    mysql_secure_installation

    sudo mysql -u root -p

Check Lower Case by running:

    SHOW VARIABLES LIKE 'lower_case_%';

Check Sql Mode by running:

    select @@GLOBAL.sql_mode;

Check available users:

    select User,Host from mysql.user;

Create new user (External Access):

    create user 'user'@'%' identified by 'password';
    GRANT ALL PRIVILEGES ON *.* TO 'user'@'%';
    FLUSH PRIVILEGES;

Create new user (Internal Access):

    create user 'user'@'localhost' identified by 'password';
    GRANT ALL PRIVILEGES ON db.* TO 'user'@'localhost';
    FLUSH PRIVILEGES;