Lighthunter HTTP/2 Server is a custom-built, Python-based web server platform designed for modern HTTPS delivery using HTTP/2 and ALPN (Application-Layer Protocol Negotiation). It enforces a secure-by-default architecture with extensibility through a dynamic plugin system.

Key Features

• Strict HTTP/2 over TLS enforcement — all clients must negotiate HTTP/2 with ALPN; HTTP/1.x connections are rejected or redirected to a fallback page.
• Multi-domain support via SNI — serve multiple domains with per-domain certificates, plugin paths, static directories, and aliases.
• Plugin-based dynamic content — Python plugins generate HTML content dynamically per domain or shared across sites as system plugins.
• Built-in session management — secure per-user session tracking with TTL, automatic cleanup, and role support.
• Modern compression — supports Brotli (br) and Gzip based on the client's Accept-Encoding header.
• Custom HTML DOM model — server-side HTML rendering via structured Python classes ensures consistent layout and styling.
• Strict TLS cipher suites — only strong AEAD ciphers (AES-GCM, ChaCha20) are allowed; older TLS versions are disabled.
• Efficient static file handling — serves CSS, JS, fonts, images, and more with optional compression and long-term caching.
• Lightweight & embedded-friendly — optimized to run on low-resource devices like Raspberry Pi with minimal dependencies.

Security Highlights

• TLS 1.2+ only with mandatory ALPN negotiation.
• Secure cookies (HttpOnly, Secure), isolated per session and domain.
• Domain-level plugin isolation to reduce risk of code crossover.
• Session timeouts and regular cleanup of expired sessions.
• Optional fallback redirection for unsupported HTTP/2 clients.

Use Cases

• Hosting lightweight websites with dynamic or static content.
• Internal dashboards, tools, or custom control panels.
• Educational server platform for exploring HTTP/2, TLS, and web security.
• Secure microservice or API endpoints with structured session handling.