{"_id":"55dc75c055be9f21004ee24e","user":"55dc702d7fa0290d00559106","githubsync":"","project":"55db8f8f1a91690d007ad975","__v":29,"category":{"_id":"55dc751b00a8811900c230e3","pages":["55dc75b27fa0290d00559123","55dc75c055be9f21004ee24e","55dc75ef00a8811900c230e7","55dc76036f16451700843e0c","55dc760e00a8811900c230e9","55dc767d55be9f21004ee251","55df5db386ae7f0d00db4ccd","55df64cfaf76b70d0060a60e","55df7263c59b180d005fa70e","55e0b72fa44fae0d002148c5","55e0c42b5087cb1900986c0f","55e36b1bac4eef230079a735","55f363ea2d3bae21009c47aa","55f36bcc5f8674370067b73c","55f36c23ec46040d0030326a","5605d2eda4574a0d00811346","560ac5fef6994b0d0023bca6","561be02937781d0d007942b0","56782f0048c8d00d0094b7fc"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":19,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-08-25T14:00:59.500Z","from_sync":false,"order":1,"slug":"how-to-get-started","title":"Agent Installation"},"parentDoc":null,"version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-08-25T14:03:44.968Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":4,"body":"[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/XO0OippYQ5Uyj1vndb1R_django-logo-positive.png\",\n        \"django-logo-positive.png\",\n        \"1200\",\n        \"418\",\n        \"#143c2c\",\n        \"\"\n      ]\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Supported Versions\"\n}\n[/block]\nPython: CPython runtime version 2.6 or 2.7\nDjango: 1.4 to 1.11\n\nFor SQL Injection Protection we support the following drivers:\n  * MySQL using the MySqlDB or pymysql library\n  * PostgreSQL using the psycopg2 library\n  * SQLite using the sqlite3 or pysqlite2 library\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Prerequisites\"\n}\n[/block]\nThe IMMUNIO agent communicates with a management service at https://agent.immun.io. Ensure outbound access to this address is unblocked.​\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Installation\"\n}\n[/block]\nThe Django IMMUNIO agent is a Python package, ​so installation is consistent with other Python packages you may currently be using.\n\n## With Pip\nTo install the agent with pip, use the following command:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"pip install immunio\",\n      \"language\": \"shell\"\n    }\n  ]\n}\n[/block]\n## Without Pip\nIf you are not using P​ip, you can download the package from [PyPi](https://pypi.python.org/pypi/immunio).\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Configuration\"\n}\n[/block]\n## Initialize the agent\nFirst you need to connect your application to the agent. This requires adding one line of code to the `wsgi.py` file for your app. Before the first import, add the following line to initialize IMMUNIO:​\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"# If you have __future__ imports, they must be at the top of the file.\\n\\nimport immunio.start\\n\\n# All other imports and code must come AFTER the immunio import above.\",\n      \"language\": \"python\"\n    }\n  ]\n}\n[/block]\nNext, the key and secret need to be provided to the agent. There are two ways to provide agent configuration: using an INI file, or using environment variables.\n\n## Configure settings using an INI file\nTo configure settings using an INI file, create the file `immunio.ini` in the top-level directory of the app. The file should include content below. Replace the key and secret with the values in the dashboard for your app.​\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"[immunio]\\nkey = 87637d4f-f01a-406d-b3e6-1ff8f84a3d34\\nsecret = a0ca4263-da57-45f5-aabb-b72e5a78b510\\ncode_protection_plugins_enabled = true\",\n      \"language\": \"toml\"\n    }\n  ]\n}\n[/block]\n## Configure settings using environment variables\nWhen using environment variables, convert setting names to uppercase and prepend ```IMMUNIO_``` to them. For example, the setting for key would be provided as the environment variable ```IMMUNIO_KEY``` as in the example below. Don't forget to change the key and secret of this example to match the values provided for your application in the dashboard.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"export IMMUNIO_KEY=87637d4f-f01a-406d-b3e6-1ff8f84a3d34\\nexport IMMUNIO_SECRET=a0ca4263-da57-45f5-aabb-b72e5a78b510\\nexport IMMUNIO_CODE_PROTECTION_PLUGINS_ENABLED=true\",\n      \"language\": \"shell\"\n    }\n  ]\n}\n[/block]\n\n[block:callout]\n{\n  \"type\": \"info\",\n  \"title\": \"Account Takeover Configuration\",\n  \"body\": \"If you do not plan to use IMMUNIO's Code Protection features, you can either set the Code Protection variable to false or simply remove that line from your configuration.\"\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Verification\"\n}\n[/block]\nWe support gunicorn, chausette, and servers using the WSGI interface.\n\nOnce the agent is installed and configured, start your application and send an HTTP request to it. Without that first HTTP call, the agent status will display INACTIVE in the dashboard. Within seconds of your first request, the agent should report in and change its status indicator to OK. Your app is now protected with IMMUNIO!​","excerpt":"","slug":"python-with-django","type":"basic","title":"Python with Django"}

Python with Django


[block:image] { "images": [ { "image": [ "https://files.readme.io/XO0OippYQ5Uyj1vndb1R_django-logo-positive.png", "django-logo-positive.png", "1200", "418", "#143c2c", "" ] } ] } [/block] [block:api-header] { "type": "basic", "title": "Supported Versions" } [/block] Python: CPython runtime version 2.6 or 2.7 Django: 1.4 to 1.11 For SQL Injection Protection we support the following drivers: * MySQL using the MySqlDB or pymysql library * PostgreSQL using the psycopg2 library * SQLite using the sqlite3 or pysqlite2 library [block:api-header] { "type": "basic", "title": "Prerequisites" } [/block] The IMMUNIO agent communicates with a management service at https://agent.immun.io. Ensure outbound access to this address is unblocked.​ [block:api-header] { "type": "basic", "title": "Installation" } [/block] The Django IMMUNIO agent is a Python package, ​so installation is consistent with other Python packages you may currently be using. ## With Pip To install the agent with pip, use the following command: [block:code] { "codes": [ { "code": "pip install immunio", "language": "shell" } ] } [/block] ## Without Pip If you are not using P​ip, you can download the package from [PyPi](https://pypi.python.org/pypi/immunio). [block:api-header] { "type": "basic", "title": "Configuration" } [/block] ## Initialize the agent First you need to connect your application to the agent. This requires adding one line of code to the `wsgi.py` file for your app. Before the first import, add the following line to initialize IMMUNIO:​ [block:code] { "codes": [ { "code": "# If you have __future__ imports, they must be at the top of the file.\n\nimport immunio.start\n\n# All other imports and code must come AFTER the immunio import above.", "language": "python" } ] } [/block] Next, the key and secret need to be provided to the agent. There are two ways to provide agent configuration: using an INI file, or using environment variables. ## Configure settings using an INI file To configure settings using an INI file, create the file `immunio.ini` in the top-level directory of the app. The file should include content below. Replace the key and secret with the values in the dashboard for your app.​ [block:code] { "codes": [ { "code": "[immunio]\nkey = 87637d4f-f01a-406d-b3e6-1ff8f84a3d34\nsecret = a0ca4263-da57-45f5-aabb-b72e5a78b510\ncode_protection_plugins_enabled = true", "language": "toml" } ] } [/block] ## Configure settings using environment variables When using environment variables, convert setting names to uppercase and prepend ```IMMUNIO_``` to them. For example, the setting for key would be provided as the environment variable ```IMMUNIO_KEY``` as in the example below. Don't forget to change the key and secret of this example to match the values provided for your application in the dashboard. [block:code] { "codes": [ { "code": "export IMMUNIO_KEY=87637d4f-f01a-406d-b3e6-1ff8f84a3d34\nexport IMMUNIO_SECRET=a0ca4263-da57-45f5-aabb-b72e5a78b510\nexport IMMUNIO_CODE_PROTECTION_PLUGINS_ENABLED=true", "language": "shell" } ] } [/block] [block:callout] { "type": "info", "title": "Account Takeover Configuration", "body": "If you do not plan to use IMMUNIO's Code Protection features, you can either set the Code Protection variable to false or simply remove that line from your configuration." } [/block] [block:api-header] { "type": "basic", "title": "Verification" } [/block] We support gunicorn, chausette, and servers using the WSGI interface. Once the agent is installed and configured, start your application and send an HTTP request to it. Without that first HTTP call, the agent status will display INACTIVE in the dashboard. Within seconds of your first request, the agent should report in and change its status indicator to OK. Your app is now protected with IMMUNIO!​