This function allows adjusting settings for a specific port.
The port number to listen on.
If specified the server will try from
PORT up to the specified
MAX_PORT. The server will stop at the first port that is usable.
Allow the system to pick a port if the range of ports fail to find an available port.
The address to bind the server on. The default is the any address (i.e. 0.0.0.0).
Enable IPv6 support.
The list of hosts the server is allowed to serve. This is a security measure to prevent host header attacks. The default is all hosts are allowed.
A boolean that specifies whether to use the X-Forwarded-Host instead of the Host header. The default is False.
The log file this port should log all of its information too.
The minimum severity entries will be logged to the log file. The default is hwebserver.WarningSeverity.
The SSL certificate chain the server should use.
The private key the server should use. The key must be in PEM format.
The Diffie-Hellman (DH) params the server should use.
If the server should verify the peer when using HTTPS. The default is True.
If an HTTP request is received it will be redirected to HTTPS. If the request does not contain header
Upgrade-Insecure-Requests: "1" then the server will reject the request with 403 (Forbidden).
When redirecting an insecure request use this host instead of the host in the request. This has no affect if SSL_REDIRECT is False.
List of hosts that are exempt from being redirected to HTTPS. This has no affect if SSL_REDIRECT is False.
The number of seconds the client should remember the path is only to be accessed using HTTPS. The default is 0.
If this is set to True then all subdomains should be treated as only accessible via HTTPS. The default is False.
If this is set to True then the client should never attempt to use an insecure request. The default is False.
If this is set to True
X-Content-Type-Options: nosniff is added to the response. This prevents against some types of drive-by-downloads. The default is True.
If this is set the Referrer Policy is added to all responses that do not already have this header set. The default is
This settings helps to prevent a set of cross-origin attacks dubbed XS-Leaks. This settings if specified will set the
Cross-Origin-Opener-Policy if not already set. The default is