Does opening separate port for each plot creates security issue?

I have a web application where the user selects different kinds of plots to be plotted using bokeh. The problem is, from multiple sources (source) I found that to run more than one plot, different ports should be used (or, run all plots using single command). Since there are multiple users, I may need to plot graphs at any time the user wants. So I cannot plot using a single command and opening multiple ports will open window for attacks. So is there any way to run multiple plots other than using single command or opening multiple ports?.
And Is it really feasible opening different port for each instance of bokeh server?.

Thank you, Please answer.

I’d say this goes beyond the scope of Bokeh. But I think a load balancer should be able to do this. E.g. a user goes to and internally it’s served via a Bokeh app that listens on localhost:50000; the next user goes to the same URL and ends up being served by a Bokeh app that listens on localhost:50001.

@reddihari A single Bokeh server can run multiple Bokeh apps (on the same port). Bokeh app code is not actually “run” until connections are made, so there is no t really any cost to do this. As an example, all the apps you see on are running on a a single Bokeh server. If you know up front ahead of time all the possible apps that users will need to access then I’d suggest simply running all of them on one Bokeh server. Then, if you need “scale out” in order to handle many users than that’s when you could put things behind a load balancer as @p-himik suggests (though, if the apps are not computationally heavy, you may not even need to).

If you need to add apps “dynamically” or “on the fly” then that is when you would need to start new Bokeh servers on different ports. (Which you could also probably map to a single port externally using a reverse proxy like Nginx). But it’s also worth examining assumptions, too, and make sure you actually need a Bokeh server at all. Bokeh server apps are useful when you want to connect plot tools and event and widgets to real Python code. E.g you want to run Pandas operations when a selection is made or Scikit-learn models when a button is pressed. If you just need to show static plots or ons with simple basic interactions, then a Bokeh server is overkill.