Sqreen
Last updated 10 March 2018
Table of Contents
Sqreen is a unified platform to secure web apps. Thanks to Sqreen, developers can easily integrate security into their web apps with extensible plugins ranging from data protection to user protection.
Built with developers in mind, Sqreen provides stack traces and other actionable information to help you remedy security issues quickly and easily.
For more information about plugin, you can visit our Security Hub.
The Sqreen client library runs alongside your application code and introduces no network latency. Using Sqreen doesn’t require code modification nor traffic redirection.
Sqreen client libraries are available for Ruby, Python, Node.js, Java and soon PHP.
Provisioning the add-on
Sqreen can be added to any Heroku application via the CLI:
A list of all plans available can be found here.
$ heroku addons:create sqreen
-----> Adding sqreen to sharp-mountain-4005... done, v18 (free)
The SQREEN_TOKEN config var is set automatically for your app when you provision the add-on. It is the credential required to access Sqreen services.
When using Sqreen with Heroku, you should use config vars to configure Sqreen.
Using Sqreen with Ruby
Sqreen is compatible with the most popular Ruby web frameworks. See our Ruby agent compatibility documentation section to confirm it is compatible with your app.
If you have a Ruby on Rails app, add the following gem to your Gemfile:
gem 'sqreen'
Then update your app’s dependencies by running bundle install.
The SQREEN_TOKEN config var is set automatically for your app when you provision the add-on. It is the credential required to access Sqreen services.
For more information about configuring the Sqreen client library, see the Advanced Configuration in Ruby documentation section. You should use the config vars to configure Sqreen.
If your application uses the Devise framework, Sqreen automatically detects and monitors user accounts with the DatabaseAuthenticatable strategy. You can also track your user accounts using our SDK.
Using Sqreen with Python
Sqreen is compatible with the most popular Python web frameworks. See our Python agent compatibility documentation section to confirm it is compatible with your app.
First, install the Sqreen Python client library by adding it in your requirements.txt file.
Then, in your application’s root directory, modify your application file (typically wsgi.py or app.py) by adding the following line of code to the very top:
import sqreen
sqreen.start()
You can also require it directly from your Procfile: web: ... sqreen-start ...
The SQREEN_TOKEN config var is set automatically for your app when you provision the add-on. It is the credential required to access Sqreen services.
For more information about configuring the Sqreen client library, see the Advanced Configuration in Python documentation section.
When using Sqreen with Heroku, you should use config vars to configure Sqreen.
Sqreen automatically detects and monitors user accounts for Python applications running Django 1.6 and later. You can also track your user accounts using our SDK.
Using Sqreen with Node.js
Sqreen is compatible with the most popular Node.js web frameworks. See our Node.js agent compatibility documentation section to confirm it is compatible with your app.
Install the Sqreen Node.js client library with the following command:
$ npm install --save sqreen
Then edit your main script and require the Sqreen client library first, at the top (before New Relic if you are using it):
require('sqreen');
The SQREEN_TOKEN config var is set automatically for your app when you provision the add-on. It is the credential required to access Sqreen services.
For more information on configuring the Sqreen client library, see the Advanced Configuration in Node.js documentation section. You should use the config vars to configure Sqreen.
Sqreen automatically detects and protects user accounts for Node.js apps which use either passport-local version 1.0 or later or passport-http version 0.3 or later for authentication. You can also track your user accounts using our SDK.
The Sqreen dashboard
The Sqreen dashboard provides a bird’s-eye view of your application security.
Sqreen is made of extensible plugins ranging from data protection to user protection. Each plugin monitors a critical activity in your application (database access, shell command execution, file inclusion, etc) and enables you to respond and be notified the way you want to.
For more information about plugin, you can visit our Security Hub.
You can access your Sqreen dashboard from the Heroku CLI:
$ heroku addons:open sqreen
Opening sqreen for sharp-mountain-4005
You can also access the Sqreen dashboard by visiting your Heroku Dashboard, pick an app where Sqreen is installed and select it from the Resources > Add-ons menu.
Migrating between plans
Application owners should carefully manage the migration timing to ensure proper application function during the migration process.
Use the heroku addons:upgrade command to migrate to a new plan.
$ heroku addons:upgrade sqreen:newplan
-----> Upgrading sqreen:newplan to sharp-mountain-4005... done, v18 ($X/mo)
Your plan has been updated to: sqreen:newplan
Removing the add-on
You can remove Sqreen via the CLI:
This will remove all associated data and cannot be undone!
$ heroku addons:destroy sqreen
-----> Removing sqreen from sharp-mountain-4005... done, v20 (free)
Support
All Sqreen support and runtime issues should be submitted via one of the Heroku Support channels. Any non-support related issues or product feedback is welcome at hey@sqreen.io.