The Werkzeug WSGI server is not intended for production use. It is provided as a convenience during development. It was not designed with security or performance in mind (by default it only processes one request at a time). Use a real WSGI application server, such as uWSGI or Gunicorn, for performance, and proxy it through a real web server such as Nginx for performance and security. Web servers are good at queuing requests and responses, can serve static and other content at the same time, and are designed to handle SSL. WSGI servers can efficiently coordinate multiple requests to an application. Werkzeug was developed as a WSGI library, not as a web server or a WSGI server.
The docs tell you not to use the development server in production:
You can use the embedded server during development, but you must use the full deployment option for production applications. (Do not use the embedded development server during production.)
In addition, web servers start as root (and then drop privileges) so they can listen on the standard ports 80 and 443. You should never run the application with administrator rights, so on its own it would only be able to listen on ports above 1024, and users would have to know the port, not just the domain.
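The layout described above, as an added example that is not part of the original answer: Nginx binds the privileged ports and terminates SSL, and forwards to Gunicorn running as an unprivileged user on a loopback port. The hostname `example.com`, the paths under `/srv/app` and `/etc/ssl/example`, the module name `app:app` and port 8000 are all assumptions.

```nginx
# Added example. Assumed names: example.com, /srv/app, /etc/ssl/example/*,
# the WSGI module "app:app" and loopback port 8000.
#
# The application runs under Gunicorn as an unprivileged user on a high port,
# reachable only from this host:
#   gunicorn --workers 4 --bind 127.0.0.1:8000 app:app
#
# The nginx master process starts as root so it can bind 80 and 443;
# the worker processes that handle traffic run as the account below.
user www-data;
worker_processes auto;

events {}

http {
    include mime.types;

    # Plain HTTP only redirects to HTTPS.
    server {
        listen 80;
        server_name example.com;
        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        server_name example.com;

        ssl_certificate     /etc/ssl/example/fullchain.pem;
        ssl_certificate_key /etc/ssl/example/privkey.pem;

        # Static files are served by nginx and never reach the application.
        location /static/ {
            alias /srv/app/static/;
        }

        # Everything else is proxied to the WSGI server.
        location / {
            proxy_pass http://127.0.0.1:8000;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}
```

Binding Gunicorn to 127.0.0.1 rather than 0.0.0.0 keeps the application port off the network, so clients can only reach it through Nginx on 80 and 443.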