To use QuotaGuard with in a Django environment with MSSQL, we suggest you use the SOCKS proxy using the QuotaGuard QGTunnel software.

Here are some setup instruction to get started:

1. Download QGTunnel into the root of your project

 curl | tar xz

2. Log in to our dashboard and setup the tunnel

If you are using the Heroku CLI, you can log into our dashboard with the following command:

 heroku addons:open quotaguardstatic  

Or, if you prefer, you can login from the Heroku dashboard by clicking on QuotaGuard Static on the resources tab of your application.

Once you are logged into our dashboard, in the top right menu, go to Setup (Gear Icon), click on QGTunnel Configuration, then Create Tunnel.


Remote Destination: tcp:// 

Local Port: 1433

Transparent: true

Encrypted: false

This setup assumes that the remote MSSQL server is located at and is listening on port 1433.  This is usually the default port.


The Local Port is the port number that QGTunnel will listen on.  In this example, we set it to 5432, but if you have another process using 1433, you may have to change it (ie: 1434).

Transparent mode allows QGTunnel to override the DNS for to, which redirects traffic to the QGTunnel software.  This means you can connect to either or to connect through the tunnel.

Encrypted mode can be used to encrypt data end-to-end, but if your protocol is already encrypted then you don't need to spend time setting it up. We believe MSSQL is already encrypted, but you should always double check.

3. Change your code to connect through the tunnel


With transparent mode and matching Local and Remote ports you should not need to change your code. You can also connect to

Without transparent mode, you will want to connect to


4. Change your startup code


Change the code that starts up your application.  In Heroku, this is done with a Procfile


Basically, you just need to prepend your startup code with "bin/qgtunnel".

So for a Procfile that was previously:

web: your-application your arguments

you would now want:

web: bin/qgtunnel your-application your arguments  

If you do not have a Procfile, then Heroku is using a default setup in place of the Procfile based on the framework or language you are using.  You can usually find this information on the Overview tab of the application in Heroku's dashboard.  It is usually under the heading "Dyno information".

5. Commit and push your code


Be sure that the file bin/qgtunnel is added to your repository.

If you are using transparent mode, be sure that vendor/nss_wrapper/ is also added to your repository.


If you are not using transparent mode, you will want to set the environment variable QGTUNNEL_DNSMODE to DISABLED to avoid seeing an error message in your logs.

6.  Problems?


Enable the environment variable QGTUNNEL_DEBUG=true and then restart your application while watching the logs.  


Still having issues? Send QuotaGuard Support the information in the logs. 

Please redact any sensitive information, including your QuotaGuard connection URL.




After you get everything working, please download the QGTunnel configuration from our dashboard as a .qgtunnel  file and put that in the root of your project.  


Doing this step prevents your project from relying on the QuotaGuard website being online during startup.

Alternatively, you can put the contents of the downloaded configuration file in a QGTUNNEL_CONFIG environment variable.