Deploy Firely Server on a reverse proxy
For ASP.NET Core 1.0 Microsoft suggested to always use another web server in front of Kestrel for public websites. For ASP.NET Core 2.0, while this is not a hard constraint anymore there are still a series of advantages in doing so:
some scenarios like sharing the same IP and port by multiple applications are not yet supported in Kestrel
helps in limiting the exposed surface area
provides an additional layer of configuration and defense
provides process management for the ASP.NET Core application (ensuring it restarts after it crashes)
in some scenarios a certain web server already integrates very well
helps simplifying load balancing and SSL setup
Hence using a reverse proxy together with the Kestrel server allows us to get benefits from both technologies at once.
A common option on Windows is using IIS: for instructions on how to deploy Firely Server on IIS see Deploy Firely Server on IIS.
For a comparison of IIS and Kestrel features at the moment of this writing you can check here.
A popular open source alternative is Nginx. For instruction on how to deploy Firely Server on Nginx see Deploy Firely Server on Nginx on Linux
Using X-Forwarded-Host header
The X-Forwarded-Host header is used for identifying the original host by the client, which is especially useful with reverse proxies. As per the FHIR specification, Firely Server supports usage of this header. Keep in mind that usage of the header exposes privacy sensitive information.
When using this header, make sure that the header value only contains the domain name like listed below:
Does not work: