Why does my free ngrok URL change every time?

Free tier URLs are randomly generated each session. This is by design to encourage paid plan adoption for stable URLs. If you need a consistent URL, the Hobbyist plan ($10/month) lets you reserve a static subdomain and removes the interstitial page for visitors.

Can I use ngrok in production?

ngrok positions itself as an ingress platform suitable for production, especially on Enterprise plans. However, most teams use it for development, testing, and demos. For production ingress, evaluate whether Cloudflare Tunnel, a load balancer, or your cloud provider's native ingress is more appropriate.

How do I test webhooks with ngrok?

Start a tunnel (`ngrok http 3000`), copy the HTTPS URL, and paste it into the webhook configuration of the service you're integrating (Stripe, GitHub, Twilio, etc.). Incoming webhooks hit your local server. Inspect them at localhost:4040 and replay them as needed.

What's the difference between ngrok and Cloudflare Tunnel?

ngrok is faster to set up (one command) and has a better request inspection UI. Cloudflare Tunnel is free for custom domains but requires Cloudflare account setup and DNS configuration. ngrok is better for quick development tunnels; Cloudflare Tunnel is better for long-running tunnels with custom domains.

Can multiple people access my ngrok tunnel?

Yes. Anyone with the URL can access it, subject to any authentication you've configured. On the free tier, first-time visitors see an ngrok interstitial page they must click through.

Does ngrok work with Docker?

Yes. You can run the ngrok agent inside a Docker container and tunnel to another container's port. ngrok provides an official Docker image. Alternatively, run ngrok on your host and tunnel to a Docker container's mapped port.

Can I expose a database through ngrok?

Yes, using TCP tunnels (paid feature). Run `ngrok tcp 5432` to expose a local PostgreSQL instance. You get a hostname and port that remote clients can use to connect. Use with caution—add authentication and IP restrictions to prevent unauthorized access.

Press Ctrl+C in the terminal where ngrok is running. The tunnel closes immediately and the URL becomes unreachable. Your local server continues running but is no longer accessible from the internet.

Does ngrok add latency?

Yes, some. Requests travel from the visitor to ngrok's edge server to your machine and back. The added latency depends on geography—typically 20-100ms. For development and testing, this is imperceptible. For latency-sensitive production workloads, use direct ingress instead.

PublishedJanuary 1, 2026•UpdatedMay 9, 2026

ngrok

Name: ngrok
Availability: InStock

Secure tunnels to localhost

Developer ToolsFreeReplaces LocalCan ($89)

ngrok screenshot — ngrok — Official Website

Quick Take: ngrok

4.6

ngrok is the fastest way to put your local server on the internet. Five seconds from nothing to a working HTTPS URL. The request inspection dashboard is the best webhook debugging tool available. The free tier handles most development needs. The downsides are real—random URLs on the free tier, the interstitial page for visitors, and paid features that feel like they should be free (TCP tunnels, static URLs). But no competitor matches ngrok's combination of speed, simplicity, and inspection tools. If you develop against webhooks, test mobile apps against local APIs, or show work to clients, ngrok belongs in your toolkit.

Best For

•Developers integrating webhooks (Stripe, GitHub, Twilio)
•Mobile developers testing against local APIs
•Freelancers and agencies sharing work-in-progress with clients
•Anyone who needs a public URL for a local server, fast

What is ngrok?

ngrok puts your localhost on the internet. That's the one-line explanation, and it's the reason millions of developers use it. You're running a web server on your laptop at localhost:3000 and you need to show it to a client, test a webhook from Stripe, or let a teammate hit your API. Normally you'd have to deploy to a staging server, configure DNS, set up SSL, and wait. With ngrok, you run `ngrok http 3000` and get a public HTTPS URL that tunnels traffic directly to your local machine. The whole process takes about five seconds. ngrok works by establishing an outbound TLS connection from your machine to ngrok's edge servers. When someone visits your ngrok URL, the request travels through ngrok's infrastructure and arrives at your local server as if it came from localhost. The response goes back the same way. From the outside, it looks like a normal website. From your side, it looks like local traffic. No firewall rules to change, no port forwarding to configure, no router settings to touch. Founded by Alan Shreve and backed by $75M in Series A funding (2024), ngrok has grown from a simple tunneling tool into a full ingress platform. The free tier still does what most developers need—HTTP tunnels with a random subdomain. The paid tiers add custom domains, IP restrictions, OAuth authentication at the tunnel level, TCP tunnels for non-HTTP protocols, and a web inspection dashboard that lets you replay and modify requests. In 2026, ngrok processes billions of connections per month and is the default tool developers reach for when they need to expose local services to the internet. The platform now supports AI Gateway capabilities and Kubernetes ingress in addition to its core tunneling features. The competition has grown—Cloudflare Tunnel, Tailscale Funnel, and localhost.run offer alternatives—but ngrok remains the most widely used because of its simplicity, its inspection UI, and its decade of reliability. When you search 'webhook testing' or 'expose localhost', ngrok is the answer.

Install with Homebrew

brew install --cask ngrok

Deep Dive: How ngrok Became the Default Tunneling Tool

ngrok succeeded because it solved a universal developer problem with a single command. Before ngrok, exposing a local server meant configuring port forwarding, dynamic DNS, and self-signed certificates. After ngrok, it meant `ngrok http 3000`.

History & Background

ngrok was created by Alan Shreve in 2013. The original version (ngrok 1.x) was open-source and written in Go. Version 2.0 (2015) was a commercial rewrite that introduced the paid tier model. By 2020, ngrok was the de facto standard for local tunneling. The 2024 Series A ($75M) from Lightspeed Venture Partners funded the expansion into a full ingress platform with traffic policy, edge computing, and enterprise features. Despite the enterprise pivot, the core tunneling functionality remains accessible on the free tier.

How It Works

ngrok works through a persistent TLS connection from the agent (on your machine) to ngrok's edge servers. When a request arrives at your ngrok URL, the edge server multiplexes it over the existing agent connection to your local machine. The agent forwards the request to your local port and sends the response back. This outbound-only connection model is why ngrok works behind firewalls and NATs without any configuration—your machine initiates the connection, so no inbound rules are needed.

Ecosystem & Integrations

ngrok has SDKs for Go, Python, JavaScript, Java, and Rust that let you embed tunnels directly in your application code. There are IDE integrations for VS Code and JetBrains. CI/CD platforms like GitHub Actions have ngrok actions for automated testing. The ngrok API allows programmatic tunnel management for build systems and test harnesses. The ecosystem is mature because ngrok has been around for over a decade and developers have built tooling around it.

Future Development

ngrok is expanding beyond tunneling into a full 'ingress-as-a-service' platform. Recent additions include traffic policy (rules-based request routing), webhook verification, and OAuth integration at the tunnel level. The company is positioning ngrok as an alternative to traditional reverse proxies and API gateways for development and staging environments. For individual developers, the core free tunneling is unlikely to change—it's the top of the funnel for ngrok's paid plans.

Key Features

HTTP/HTTPS Tunnels

The core feature. Run `ngrok http 3000` and get a public HTTPS URL that proxies to your local port 3000. The URL looks like `https://abc123.ngrok-free.app`. HTTPS is automatic—ngrok terminates TLS at its edge and forwards the request to your local server over the encrypted tunnel. You don't need to set up certificates, configure nginx, or touch your firewall. The tunnel stays open as long as the ngrok process runs.

Request Inspection Dashboard

When a tunnel is active, ngrok runs a local web interface at localhost:4040 that shows every HTTP request and response flowing through the tunnel. You see the full headers, body, status code, timing, and any TLS details. You can replay any request with a single click—edit the headers or body before replaying if you want. This is invaluable for webhook development: when Stripe sends a payment notification to your tunnel, you can inspect the exact payload, verify your server's response, and replay it as many times as needed without triggering another real payment event.

Custom Domains

On paid plans, you can bring your own domain and point it to your ngrok tunnel. Instead of `abc123.ngrok-free.app`, your tunnel is accessible at `dev.yourdomain.com`. ngrok handles the DNS, TLS certificates (via Let's Encrypt), and certificate renewal. This is useful for webhook integrations that require a consistent callback URL, or for demo environments that need to look professional.

TCP Tunnels

Not everything is HTTP. If you need to expose a database, SSH server, game server, or any TCP-based service, ngrok supports raw TCP tunnels. Run `ngrok tcp 5432` to expose a local PostgreSQL instance. You get a hostname and port like `0.tcp.ngrok.io:12345` that forwards raw TCP traffic to your local port. This is a paid feature, but it's the fastest way to let a remote colleague connect to your local database for debugging.

Authentication at the Tunnel Level

ngrok can add authentication to your tunnel without changing your application code. Basic auth (`ngrok http 3000 --basic-auth='user:pass'`) adds a username/password prompt before anyone can access your tunnel. On paid plans, you can add OAuth authentication (Google, GitHub, Okta) so only authenticated users reach your local server. This turns ngrok into a quick-and-dirty access control layer for demo environments or internal tools.

Webhook Verification and Retry

ngrok can verify incoming webhook signatures from popular services (Stripe, GitHub, Twilio, Shopify) before forwarding them to your local server. Invalid signatures get rejected at the edge, reducing noise during development. The inspect UI lets you see which webhooks were verified and which failed, and you can replay verified requests to test your handling logic repeatedly.

ngrok Agent and Configuration File

The ngrok agent is a single binary with no dependencies. It runs on macOS, Windows, Linux, and Docker. Configuration is done via `ngrok.yml` (stored at `~/.config/ngrok/ngrok.yml` by default), where you can define multiple tunnels, set default authentication, configure logging, and specify your authtoken. The config file is simple YAML—no complex setup. Multiple tunnels can run simultaneously from one agent.

Traffic Policy and IP Restrictions

Paid plans include traffic policy rules that let you restrict tunnel access by IP address, add rate limiting, inject or modify headers, and redirect traffic based on URL patterns. This is useful for staging environments where you want only your office IP or VPN to reach the tunnel. Policies are defined declaratively in the ngrok dashboard or configuration file.

Who Should Use ngrok?

1The Webhook Developer

You're integrating Stripe payments into your app. Stripe needs a public URL to send payment events to. You run `ngrok http 3000` and paste the ngrok URL into Stripe's webhook configuration. Now every payment event hits your local server. When something fails, you open localhost:4040, inspect the exact payload Stripe sent, fix your handler, and replay the request without making another test payment. When you're done for the day, you stop ngrok. Tomorrow, you start a new tunnel and update the Stripe webhook URL (or use a custom domain on a paid plan to avoid this).

2The Mobile Developer Testing APIs

Your iOS app needs to talk to a backend API. During development, both run on your MacBook—the API on localhost:8080 and the app in the Simulator. But when you want to test on a physical device on the same WiFi, or share with a QA tester on a different network, you need a real URL. `ngrok http 8080` gives you one. Point the app at the ngrok URL and the physical device hits your local API as if it were deployed.

3The Freelancer Showing Work to a Client

You built a website locally and want to show the client before deploying. Deploy to staging? That takes time and might break. Instead, run `ngrok http 3000 --basic-auth='client:preview123'` and send the URL to your client. They see your local site with a password gate. You can make changes in real time while they watch. When the call is over, stop ngrok and the URL goes away.

4The DevOps Engineer Debugging

A third-party service needs to reach an internal tool running behind your company firewall. Setting up a VPN or public-facing proxy would take days of approvals. You run `ngrok http 8080 --ip-restriction allow-cidrs=203.0.113.0/24` to create a tunnel that only the third party's IP range can access. The tunnel is temporary—you tear it down when debugging is done. No permanent infrastructure changes, no security review delays.

How to Install ngrok on Mac

ngrok is a single binary. Installation via Homebrew takes one command.

Install via Homebrew

Run `brew install --cask ngrok` in Terminal. This installs the ngrok agent binary to your PATH.

Add Your Auth Token

Sign up at ngrok.com (free), copy your authtoken from the dashboard, and run `ngrok config add-authtoken YOUR_TOKEN`. This saves your token to `~/.config/ngrok/ngrok.yml` and links your agent to your account.

Start a Tunnel

Run `ngrok http 3000` (replace 3000 with your local port). You'll see a terminal UI showing the public URL, request count, and connection status. Visit the URL in a browser to verify it reaches your local server.

Open the Inspector

While the tunnel is running, open `http://localhost:4040` in a browser. This is ngrok's local inspection dashboard where you can see every request and replay them.

Pro Tips

• Use `ngrok http 3000 --host-header=localhost` if your local server checks the Host header and rejects requests from the ngrok domain.
• Run `ngrok http --help` to see all available flags. The most useful ones are `--basic-auth`, `--domain`, and `--inspect`.
• You can define multiple tunnels in ngrok.yml and start them all with `ngrok start --all`.

Configuration Tips

Define Tunnels in ngrok.yml for Repeatable Setups

Instead of typing `ngrok http 3000` every time, define your tunnels in `~/.config/ngrok/ngrok.yml`. Add a section like `tunnels: web: proto: http, addr: 3000` and then run `ngrok start web`. You can define multiple tunnels (frontend, backend, database) and start them all with `ngrok start --all`.

Use --host-header for Local Server Compatibility

If your local dev server (Next.js, Rails, Django) rejects requests because the Host header is `abc123.ngrok-free.app` instead of `localhost`, add `--host-header=localhost` to your ngrok command. This rewrites the Host header before it reaches your server.

Set Up a Fixed Subdomain for Webhook URLs

On the Hobbyist plan ($10/month), you can reserve a static subdomain like `your-name.ngrok-free.app`. This means your webhook URL stays the same across sessions—you don't have to update Stripe, GitHub, or Twilio every time you restart ngrok. For webhook-heavy workflows, this alone justifies the paid plan.

Use the API for Programmatic Tunnel Management

ngrok exposes a local API at `http://localhost:4040/api/tunnels` where you can list, create, and close tunnels programmatically. This is useful for CI/CD pipelines, automated testing setups, or custom tooling that needs to spin up tunnels on demand.

Alternatives to ngrok

The tunneling space has grown significantly. Here are the main alternatives:

Cloudflare Tunnel

Cloudflare Tunnel (formerly Argo Tunnel) is free and runs through Cloudflare's network. It requires a Cloudflare account and a domain managed by Cloudflare. Setup is more complex than ngrok (requires `cloudflared` daemon and DNS configuration), but it's free for custom domains and benefits from Cloudflare's global CDN. Choose Cloudflare Tunnel for permanent tunnels and production-like setups; choose ngrok for quick, temporary development tunnels with a better inspection UI.

Tailscale Funnel

Tailscale Funnel exposes local services through Tailscale's mesh VPN. It's simpler than ngrok for teams already using Tailscale, but it ties you to the Tailscale network. The free tier is more limited and there's no request inspection dashboard. Choose Tailscale Funnel if you're already in the Tailscale ecosystem.

localhost.run

localhost.run is a bare-bones SSH-based tunnel: `ssh -R 80:localhost:3000 nokey@localhost.run`. No installation required, no account needed. But it lacks inspection, custom domains, authentication, and TCP tunnels. Use it when you need a tunnel in 5 seconds and nothing else.

Localtunnel

Localtunnel is an open-source npm package (`npx localtunnel --port 3000`) that creates free HTTP tunnels. It's simpler than ngrok but less reliable, with no inspection dashboard, no TCP support, and frequent downtime. Suitable for quick demos; not for serious webhook development.

Pricing

Freemium

ngrok has a free tier and three paid tiers. The free tier includes a $5 one-time usage credit, up to 3 online endpoints, 1 GB data transfer, and 20k HTTP/S requests. The Hobbyist plan ($10/month, or $96/year billed annually) adds monthly usage credits, custom ngrok domains, and removes the interstitial page for visitors. The Pay-as-you-go plan ($20/month base fee plus usage-based billing) offers unlimited online endpoints, unlimited data transfer (5 GB included), unlimited HTTP/S requests (100k included), bring-your-own domains, and SSO/RBAC add-ons. For most individual developers, the free tier handles daily webhook testing and demo sharing. Custom domains, TCP tunnels, and production workloads are the primary reasons to upgrade.

Pros

✓Exposes localhost to the internet in 5 seconds—no configuration, no deployment
✓Request inspection dashboard is the best webhook debugging tool available
✓HTTPS is automatic—no certificate setup needed
✓Single binary, no dependencies, works on every platform
✓Free tier is generous enough for daily development use
✓Custom domains let you keep a stable URL across sessions
✓TCP tunnels support non-HTTP protocols (databases, SSH, game servers)
✓Authentication at the tunnel level without modifying your application
✓Webhook signature verification for popular services

Cons

✗Free tier URLs are random and change every session
✗Free tier shows an interstitial 'ngrok' page to first-time visitors
✗Paid plans can add up ($8-20/month) for features that seem basic
✗Performance depends on ngrok's infrastructure—added latency compared to direct connections
✗Rate limits on the free tier can hit during heavy testing
✗TCP tunnels are paid-only, which limits non-HTTP use cases

Community & Ecosystem

ngrok has been around since 2013 and has one of the largest communities in the developer tooling space. The documentation at ngrok.com/docs is comprehensive and well-maintained. Stack Overflow has thousands of ngrok questions and answers. The ngrok GitHub repositories include the official agent, SDKs for Go, Python, JavaScript, and Rust, and community-contributed integrations. There are ngrok plugins and extensions for VS Code, JetBrains IDEs, and various CI/CD platforms. The company publishes a blog with tutorials on webhook development, API testing, and tunnel best practices. For developers who need help, the ngrok Community Slack and GitHub Discussions are the primary support channels.

Video Tutorials

Getting Started with ngrok

ProgrammingKnowledge14.2K views

Make your local website live 🌐💻! Learn to host your PC using ngrok. 🚀 Watch now for the full guide!🔥

Aru Code • 317.4K views

How to Install and Use Ngrok on Mac | Expose Localhost to Public Using Ngrok on macOS

ProgrammingKnowledge2 • 402 views

How to Install Ngrok on Mac | NGROK Setup MacOS M2:M3 2024

Prashant Rana • 1.9K views

Frequently Asked Questions about ngrok

Yes, for development purposes. The tunnel connection is encrypted (TLS), and your local server is only accessible while ngrok is running. Stop ngrok and the URL becomes unreachable. For production use, add authentication and IP restrictions. Never expose an unsecured local server to the internet without basic auth at minimum.

Our Verdict

4.6/5

Best for:Developers integrating webhooks (Stripe, GitHub, Twilio)Mobile developers testing against local APIsFreelancers and agencies sharing work-in-progress with clientsAnyone who needs a public URL for a local server, fast

About the Author

Alex Chen

Senior Developer Tools Specialist

Code Editors & IDEsTerminal EmulatorsVersion Control Tools

12+ years in software development · Former senior engineer at tech startups

Related Technologies & Concepts

ngrokAlan ShreveCloudflare TunnelTailscale FunnelStripeHomebrewTLSLet's Encrypt

Sources & References

Key Verified Facts

Official documentation stating ngrok provides secure introspectable tunnels to localhost.[cite-1]
Demonstrates the command 'ngrok http 3000' to expose a local web server on port 3000 to the internet with an HTTPS URL.[cite-2]
Guide on how to use ngrok to receive and test Stripe webhooks directly on a local development machine.[cite-3]
The original open-source repository for ngrok 1.x, showing its foundational architecture and widespread adoption.[cite-4]
Official GitHub repository for the ngrok Node.js SDK, allowing developers to embed ngrok directly into Node applications.[cite-5]

1
ngrok Documentation
Accessed Mar 1, 2026
"Official documentation stating ngrok provides secure introspectable tunnels to localhost."
2
Getting Started with ngrok
Accessed Mar 1, 2026
"Demonstrates the command 'ngrok http 3000' to expose a local web server on port 3000 to the internet with an HTTPS URL."
3
Stripe Webhooks with ngrok
Accessed Mar 1, 2026
"Guide on how to use ngrok to receive and test Stripe webhooks directly on a local development machine."
4
inconshreveable/ngrok: Introspected tunnels to localhost
Accessed Mar 1, 2026
"The original open-source repository for ngrok 1.x, showing its foundational architecture and widespread adoption."
5
ngrok/ngrok-nodejs: ngrok for Node.js
Accessed Mar 1, 2026
"Official GitHub repository for the ngrok Node.js SDK, allowing developers to embed ngrok directly into Node applications."
6
ngrok lands $50M to help developers put local apps on the internet
Accessed May 6, 2026
"TechCrunch report confirming that ngrok has raised significant funding and is used by millions of developers globally."
7
6 awesome reasons to use ngrok when testing webhooks
Accessed May 6, 2026
"Twilio developer blog highlighting the necessity of ngrok for testing local webhooks without deploying to a staging server."
8
What is ngrok? How to Expose Your Localhost to the Internet
Accessed May 6, 2026
"FreeCodeCamp tutorial explaining how ngrok bypasses NAT and firewall restrictions to share local APIs with teammates."
9
A Ridiculously Fast Global Network
Accessed May 6, 2026
"Official performance overview detailing ngrok's global Points of Presence (PoPs) designed to minimize tunnel latency."
10
A free Cloudflare Tunnel for everyone
Accessed May 6, 2026
"Cloudflare blog post comparing tunneling solutions, noting ngrok's ease of use and evaluating latency differences."

ngrok is a Free Alternative

ngrok can replace these paid apps:

LocalCan$89

Browse all free alternatives

More Developer Tools

Featured in Collections

API DevelopersTest and debug APIs like a pro

Remote Access & VPNWork from anywhere securely

Explore More on Bundl

All Apps Comparisons Free Alternatives Collections

Similar Apps

Cursor

AI-first code editor built on VS Code

Claude Code

AI-powered development environment by Anthropic

ChatGPT

OpenAI's official ChatGPT desktop app for macOS

Claude

Anthropic's official Claude AI desktop app

Codex

AI coding assistant and IDE

Windsurf

AI-powered code editor by Codeium

Read our complete guide to the best developer tools for Mac

PublishedJanuary 1, 2026•UpdatedMay 9, 2026

ngrok

Secure tunnels to localhost

Developer ToolsFreeReplaces LocalCan ($89)