The malidate server can be used by multiple clients. Of course, you don’t want other clients to see what you did with the malidate server. To solve this, a client generates a 16-character random alphanumeric string at startup. Every request it makes is then prefixed by that random string. When a client needs to get the logs from the malidate server, it asks for all logs beginning with that string. This string is mandatory and has a fixed length (so you can’t just ask for all logs beginning with ‘a’ and so forth).
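The prefix scheme described above can be sketched as follows. This is an added example, not malidate's own code: the function names, the lowercase-plus-digits alphabet (chosen here because DNS names are case-insensitive) and the log line layout are assumptions.

```python
import secrets
import string

# Assumption: lowercase letters and digits, so the prefix survives DNS lookups.
ALPHABET = string.ascii_lowercase + string.digits
TOKEN_LEN = 16  # fixed length stated in the text (36**16 is about 2**82.7 values)


def new_client_token() -> str:
    """Client side: generate the per-client prefix from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(TOKEN_LEN))


def valid_token(token: str) -> bool:
    """Server side: accept only a full-length token from the expected alphabet."""
    return len(token) == TOKEN_LEN and all(c in ALPHABET for c in token)


def logs_for(token: str, log_lines: list[str]) -> list[str]:
    """Return only the entries that start with the caller's full token.

    Rejecting short or malformed tokens is what prevents a client from
    asking for "everything beginning with 'a'" and reading other logs.
    """
    if not valid_token(token):
        raise ValueError("token must be exactly 16 alphanumeric characters")
    return [line for line in log_lines if line.startswith(token)]


def demo() -> tuple[list[str], bool]:
    """Run the scheme over constructed log lines for two clients."""
    mine, other = new_client_token(), new_client_token()
    # Constructed sample entries; the real log layout is not shown on the page.
    logs = [
        f"{mine}-xxe.malidate.example DNS A",
        f"{other}-ssrf.malidate.example HTTP GET /",
        f"{mine}-ssrf.malidate.example HTTP GET /",
    ]
    try:
        logs_for(mine[:1], logs)  # a one-character prefix must be refused
        short_prefix_rejected = False
    except ValueError:
        short_prefix_rejected = True
    return logs_for(mine, logs), short_prefix_rejected


if __name__ == "__main__":
    print(demo())
```

The token acts as a bearer secret: anyone who learns it can read that client's logs, so it has to come from a cryptographic random source rather than a seeded PRNG.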
The server should have a wildcard HTTPS certificate and a domain name. It should whitelist ports 53 (UDP and TCP), 80 (TCP) and 443 (TCP) in the firewall.
Over here: malidate and malidate-mitmproxy.