The Complete Guide to Hosting ASP.NET Core on Linux

Hosting ASP.NET Core on Linux — Why and When?

ASP.NET Core runs well on Linux with *Kestrel*, and choosing this platform for hosting can provide important benefits, including: Cost reduction, compatibility with open source tools, and ease of containerization This option is suitable for websites, APIs, background services, and latency-sensitive applications such as games and trading.

Prerequisites and server selection

Linux distribution and .NET version

Suggested distributions include: Ubuntu LTS (20.04/22.04), Debian (11/12), and CentOS Stream or Rocky/Alma They are for production. For environments with strict security of RHEL Use the official Microsoft runtime and SDK (e.g. .NET 6/7/8).

Hardware resources and service type

For websites and lightweight APIs usually 1-2 vCPU, 1-4GB RAM and NVMe SSD Enough. Business and heavy applications to 4+ vCPUs and 8+ GB RAM And they need a high-speed network.

For trading and gaming with low ping It is best to choose localized VPS near an exchange or regional data center. Our company has 85+ global locations, making it easy to choose the closest data center.

Use graphics servers (GPU) for AI/Inference or rendering; our company provides GPU Cloud service and compute server with high-speed network.

To protect against attacks, consider an anti-DDoS server and a network with BGP and CDN.

Basic installation and setup (.NET runtime) — example for Ubuntu

To install the official Microsoft runtime, add the repository and then install the runtime:

sudo apt update
wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt update
sudo apt install -y dotnet-runtime-7.0

Then create a secure service user and application directory:

sudo useradd -r -s /usr/sbin/nologin aspnetuser
sudo mkdir -p /var/www/myapp
sudo chown aspnetuser:aspnetuser /var/www/myapp

Containerless deployment — Kestrel + systemd + Nginx

Publish the application and configure systemd

Build and publish the application to the app directory path:

dotnet publish -c Release -o /var/www/myapp

Example unit file for systemd in /etc/systemd/system/myapp.service Place:

[Unit]
Description=My ASP.NET Core App
After=network.target

[Service]
WorkingDirectory=/var/www/myapp
ExecStart=/usr/bin/dotnet /var/www/myapp/MyApp.dll
Restart=always
# Safe User/Group
User=aspnetuser
Group=aspnetuser
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

[Install]
WantedBy=multi-user.target

Activating and running the service:

sudo systemctl daemon-reload
sudo systemctl enable myapp
sudo systemctl start myapp
sudo journalctl -u myapp -f

Configuring Nginx as a reverse proxy (SSL termination)

Install Nginx and Certbot:

sudo apt install -y nginx certbot python3-certbot-nginx

Sample Nginx configuration in /etc/nginx/sites-available/myapp Place:

server {
    listen 80;
    server_name example.com www.example.com;

    location / {
        proxy_pass         http://127.0.0.1:5000;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

Get a free SSL certificate:

sudo certbot --nginx -d example.com -d www.example.com

Deploying with Docker and Docker Compose

Example multi-step Dockerfile for producing a small and optimized image:

FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build
WORKDIR /src
COPY . .
RUN dotnet publish -c Release -o /app

FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS runtime
WORKDIR /app
COPY --from=build /app .
ENTRYPOINT ["dotnet", "MyApp.dll"]

Sample docker-compose.yml (you can also use nginx-proxy or Traefik):

version: '3.8'
services:
  web:
    build: .
    ports:
      - "5000"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
  nginx:
    image: nginx:stable
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./certs:/etc/letsencrypt

For CI/CD, use GitLab CI or GitHub Actions to build, test, and deploy images to the registry and then pull to the server. Our company offers GitLab hosting for private teams.

Security and best practices

Network and firewall

Open only essential ports (80/443) and limit SSH access to required addresses.

sudo ufw allow 80,443/tcp
sudo ufw allow from 203.0.113.0/24 to any port 22 proto tcp  # مثال
sudo ufw enable

TLS and hardening

Attacks and protection

Use fail2ban to protect SSH and rate-limiting in Nginx. Use anti-DDoS servers for sensitive applications; our company offers anti-DDoS and CDN packages with BGP.

SELinux / AppArmor

On distributions with SELinux enabled (RHEL/CentOS), make sure contexts are set correctly for files and ports. On other distributions, use AppArmor for profiling — permanent shutdown is not recommended.

Performance optimization and monitoring

Kestrel tuning and connection settings

Use HTTP/2 and Keep-Alive at the reverse proxy layer. Consider Kestrel limitations in appsettings.json Set (e.g. Limits.MaxConcurrentConnections, MaxRequestBodySize).

Use response compression (Brotli/Gzip) to compress responses:

services.AddResponseCompression(options => { options.EnableForHttps = true; });

Cache and meetings

Use Redis for distributed cache and session state to enable horizontal scaling. Use CDN for static content to reduce server load.

Monitoring and logging

Combine structured logging with Serilog or Microsoft.Extensions.Logging and send to ELK/Graylog. For metrics, use dotnet-counters, Prometheus exporter (dotnet_exporter), and Grafana. APM like Application Insights is useful for tracing.

Comparing locations and choosing the right one based on application

For trading, low ping and stability are important — choose a location close to exchanges or private networks. For gaming, regional servers and gaming VPS with a high-speed network are recommended.

For AI and rendering, use GPU Cloud and compute servers with NVMe and high bandwidth. For websites and apps, location close to main users and combination of CDN and multi-region for better availability is recommended. Our company offers 85+ global locations and CDN and BGP network.

High scalability and availability

Use a Layer 7 load balancer (Nginx/HAProxy/Cloud LB) or datacenter LB. Store sessions in Redis or a shared database. Horizontalize containers and VMs for auto-scaling; use HPA in Kubernetes. Use BGP anycast and CDN for global traffic distribution.

Common bug fixes

Common cases and examination methods:

• 502 Bad Gateway: Check systemd with journalctl -u myapp, local port with ss -tlnp and file permissions.
• SSL Problem: Check certbot renew, access to the cert folder and referencing it correctly in Nginx.
• File/Permission Errors: Check the correct owner/group for the service user.
• Unexpected slowness: Use dotnet-counters and profiler to find CPU or GC bottlenecks.

Practical tips for production (DevOps)

• Use multi-stage Docker builds to shrink the image.
• Store secrets in a secret manager (Vault, GitLab CI secrets).
• Write health endpoints and configure liveness/readiness for the orchestrator.
• Perform build/test/deploy automation with GitLab CI or GitHub Actions.

Summary and service offers

Hosting ASP.NET Core on Linux is a **scalable, secure, and extensible** option for web and API applications. For high performance and availability, it is recommended to deploy the app with Kestrel + Nginx or in a container with orchestrator, take TLS and hardening seriously, use Redis/DB for state, and use a CDN for static content.

With over 85 global locations, GPU Cloud, compute and dedicated servers, trading and gaming VPS, anti-DDoS infrastructure, GitLab hosting, CDN, and BGP network, our company offers hosting and support solutions for ASP.NET Core applications with different plans.