Server Agent Overview
The ByteHide Server Agent protects all .NET applications on a server automatically. Install once, restart your apps, and every .NET 6+ process gets runtime protection without any code changes.
What Is the Server Agent?
The Server Agent is an alternative to the in-app NuGet package installation. Instead of adding a dependency to each project, you install a system-wide agent that hooks into every .NET process on the machine.
| Feature | In-App (NuGet) | Server Agent |
|---|---|---|
| Installation | Per-project NuGet package | One-time system install |
| Code changes | Add package + configure | None |
| Scope | Single application | All .NET apps on the server |
| Best for | Fine-grained per-app control | Blanket server protection |
| Supported frameworks | .NET 6+, .NET Framework 4.6.2+ | .NET 6+ |
How It Works
The agent uses two .NET runtime mechanisms to inject protection automatically:
DOTNET_STARTUP_HOOKS- The .NET runtime loads the agent DLL beforeMain()in every .NET process. This works for all .NET 6+ applications: console apps, web APIs, services, and more.ASPNETCORE_HOSTINGSTARTUPASSEMBLIES- For ASP.NET Core apps, the agent registers middleware (WAF, request inspection) viaIHostingStartupwithout any code changes.
Since the environment variables are set at the system level, every .NET process picks them up automatically:
- IIS application pools
- Windows Services
- systemd services
- Console applications
- Apps launched from any terminal
Installation Guides
Choose the guide that matches your server environment:
Windows
PowerShell script or dotnet tool. Supports IIS, Windows Services, and console apps.
Linux & macOS
Shell script or dotnet tool. Supports systemd, Docker, and console apps.
Docker
Dockerfile setup for Linux and Windows containers, Docker Compose, and CI/CD.
Agent CLI Reference
After installation, use the bytehide-agent CLI to manage the agent:
bytehide-agent status # Check if agent is installed and active
bytehide-agent config show # View current configuration
bytehide-agent logs # View agent logsbytehide-agent status # Check if agent is installed and active
bytehide-agent config show # View current configuration
bytehide-agent logs # View agent logsSee the Agent CLI Reference for all available commands.
Configuration
The agent reads its protection rules from monitor.config.json, created automatically during installation. You can customize protections using the same JSON schema as the in-app configuration.
See JSON Configuration for the full schema reference.
Next Steps
- Windows Installation - Install on Windows Server
- Linux & macOS Installation - Install on Linux or macOS
- Docker Installation - Install in Docker containers
- Agent CLI Reference - All CLI commands