Python agent compatibility


The Python agent is compatible with the most popular web frameworks, operating systems and web servers. Below you can find more details about specific version compatibility.

Refer to the installation steps to install Sqreen in your Python applications.

Other framework?

We are working on supporting more frameworks. Please, contact us if you are using a different framework. We will be happy to revisit our roadmap!

Python versions

The Sqreen Python agent is fully compatible with:

  • Python 2.7.x
  • Python 3.4.x
  • Python 3.5.x
  • Python 3.6.x
  • Python 3.7.x

Python frameworks

The Python agent is fully compatible with:

The server needs to use either the built-in asyncio event loop or uvloop.

Operating systems

The Sqreen Python agent is supported on:

  • macOS
  • Linux

Servers

The Python agent is fully compatible with all the most popular WSGI Servers:

The Python agent is fully compatible with uWSGI servers. When using uWSGI, you need to include some options:

  • --enable-threads, by default uWSGI doesn't permit the creation of threads. The Python agent requires threads for performance reasons.
  • --single-interpreter, by default with uWSGI, every app is loaded in a new Python interpreter. The Python agent is only compatible when your application is loaded on the same Python VM.
  • --py-call-osafterfork, by default uWSGI doesn't execute cleanup code on threads after forking while its the default behavior. This option re-enable it.

The Python agent is fully compatible with the aiohttp.web server. This feature is currently in beta mode.

Databases

Sqreen protects against SQL and NoSQL injections for the most common production databases:

  • MySQL
  • PostgreSQL
  • SQLite

Other database?

Please, contact us if you are using a different database. We will be happy to revisit our roadmap!

Templating engines

Protection against cross-site scripting attacks (XSS) is available for the most widespread templating engines in Python:

  • Django templating engine
  • Jinja2 templating engine

Other templating engine?

Please, contact us if you are using a different templating engine. We will be happy to revisit our roadmap!

Automatic User Context in Python

Sqreen automatically detects and protects user accounts when your application is based on Django framework. For other frameworks or specific authentication methods, refer to advanced User Context in Python, using Python SDK for user monitoring.

To monitor and protect your users, the Python agent hooks the Django authenticate function. This allows the Sqreen Python agent to work with any authentication backend.

Django user identifiers

The Sqreen Python agent automatically detect the user identifier information. The following argument values are considered as your users identifier:

  • username
  • email
  • user
  • mail
  • login
  • name
  • id
  • userid
  • user_id
  • identification

If you don't see any authentication attempt on your dashboard, check that your code is actually calling the standard Django authenticate function and that at least one keyword argument match the list above.

Don't hesitate to contact us if you need any help.

Sqreen and NewRelic Agents

The Sqreen and NewRelic Python agents work perfectly together. Ensure that if you use the CLI helpers put sqreen-start before newrelic-admin:

sqreen-start newrelic-admin gunicorn ...

And if you modify the WSGI file, import Sqreen before NewRelic:

try:
    import sqreen
    sqreen.start()
except ImportError:
    pass

try:
    import newrelic.agent
    newrelic.agent.initialize('newrelic.ini')
except ImportError:
    pass

Sqreen usage for non-web applications

Sqreen detects non-web applications at launch time (application working without a web server). Sqreen will not be enabled for the following cases:

  • Tests launchers
  • iPython interpreters
  • Celery workers
  • RQ workers
  • Django and Flask interactive interpreter (manage.py shell).

If you want to disable Sqreen when launching an application, you can add the SQREEN_DISABLE=1 environment variable.