Developers often need to share their local applications or services with remote users, but exposing a local server to the internet can be complex and risky. Ngrok simplifies this process by providing secure tunnels from public endpoints to local machines.
This article explains what Ngrok is, how it works, its key features, and how to use it effectively for development and testing.
What Is Ngrok?
Ngrok is a tool that creates secure tunnels from the public internet to a local machine behind a firewall or NAT. It allows developers to expose local servers to the internet using a simple command-line interface. Originally developed by Alan Shreve in 2013, Ngrok has become a staple in modern development workflows for its ease of use and robust feature set.
How Does Ngrok Work?
Understanding how Ngrok operates helps clarify its value in development environments. Ngrok acts as a reverse proxy, creating a secure tunnel between a public endpoint and a locally running service.
Read More: What is a Proxy Port?
When a tunnel is started, Ngrok assigns a public URL that forwards incoming traffic to the specified local port.
This process involves several steps:
- Ngrok client establishes a connection to the Ngrok cloud service.
- The cloud service assigns a public URL (HTTP, HTTPS, or TCP).
- Incoming requests to this URL are securely forwarded to the local server.
- Developers can inspect, replay, or restrict these requests as needed.
This mechanism enables seamless sharing of local applications without complex network configuration.
Key Features Of Ngrok
Ngrok offers a range of features that make it a versatile tool for developers. Here is an overview of its most notable capabilities:
- HTTP and HTTPS Tunnels: Easily expose local web servers to the internet using secure public URLs.
- TCP Tunnels: Support for exposing non-HTTP services, such as databases or custom protocols.
- Custom Subdomains and Domains: Assign memorable or branded URLs to tunnels for easier access.
- Request Inspection and Replay: View detailed logs of incoming requests and replay them for debugging.
- Authentication and Access Control: Restrict access to tunnels using password protection or IP whitelisting.
- Web Interface and Dashboard: Monitor tunnel activity and manage configurations through a user-friendly web interface.
Common Use Cases For Ngrok
Ngrok is widely used in various scenarios where exposing a local server is necessary. Below are some of the most common use cases, each addressing specific development needs:
- Webhook Development and Testing: Receive webhooks from third-party services on a local machine for rapid iteration.
- Mobile App Backend Testing: Allow mobile applications to connect to a backend running on a developer’s computer.
- Remote Client Demos: Share in-progress work with clients or stakeholders without deploying to production.
- IoT Device Testing: Enable devices on different networks to communicate with a local server for testing and debugging.
Read More: What is IoT Software Testing?
- Temporary Sharing of Local Sites: Provide quick access to a local website for feedback or collaboration.
Installation And Setup
Getting started with Ngrok is straightforward. The following steps outline the installation and initial configuration process for most platforms:
- Download Ngrok: Visit the official Ngrok website and download the appropriate binary for your operating system.
- Unzip and Install: Extract the downloaded file and move the Ngrok executable to a directory included in your system’s PATH.
- Sign Up and Authenticate: Create a free Ngrok account to access advanced features. After signing up, obtain your authentication token from the dashboard.
- Add Authtoken: Run the command ngrok config add-authtoken <your-token> to link your local installation with your Ngrok account.
- Start a Tunnel: Use the command ngrok http 8080 (replace 8080 with your local server’s port) to start a tunnel and receive a public URL.
This setup process enables developers to expose local services to the internet with minimal configuration quickly.
Basic Usage Examples
Once Ngrok is installed, it can expose various types of local services. Here are some practical examples to illustrate its usage:
Exposing A Local Web Server (HTTP)
To share a web application running on port 3000, use the following command:
ngrok http 3000
Ngrok will provide a public URL that forwards requests to your local server.
Exposing A TCP Service
For non-HTTP services, such as a database on port 5432, use:
ngrok tcp 5432
This command generates a public TCP address that routes traffic to your local service.
Using Custom Subdomains Or Domains
If you have a paid Ngrok plan, you can specify a custom subdomain:
ngrok http -subdomain=myapp 3000
Or use a custom domain configured in your Ngrok dashboard:
ngrok http -hostname=example.com 3000
These options provide more control over the public URLs assigned to your tunnels.
Security Considerations
Exposing local servers to the internet introduces security risks. Ngrok includes several features to help mitigate these risks, but users should remain vigilant. Consider the following points when using Ngrok:
- Access Control: Use Ngrok’s built-in authentication and IP whitelisting to restrict who can access your tunnels.
- Sensitive Data: Avoid exposing services that handle sensitive or confidential information unless proper security measures are in place.
- Session Management: Monitor active tunnels and close them when not in use to reduce the attack surface.
- HTTPS Encryption: Always use HTTPS tunnels to encrypt data in transit.
Also Read: What is Mobile App Security Testing?
Limitations Of Ngrok
While Ngrok is a powerful tool, it has certain limitations that users should be aware of. These constraints can affect how and when Ngrok is used:
Feature | Free Plan | Paid Plan |
---|---|---|
Tunnel Timeouts | 2 hours per session | No timeouts |
Custom Domains | Not available | Available |
Reserved Subdomains | Not available | Available |
Concurrent Tunnels | 1 | Multiple |
Request Inspection | Limited | Full access |
The free plan is suitable for basic use, but advanced features and higher limits require a paid subscription.
Ngrok Alternatives
While Ngrok is widely used, several alternatives offer similar functionality. These tools may be preferred in certain scenarios or for specific requirements. Some notable alternatives include:
- LocalTunnel: An open-source tool for exposing local servers to the internet with minimal setup.
- Serveo: Provides SSH-based tunneling without requiring installation.
- PageKite: Focuses on making local servers publicly accessible, especially for web development.
Each alternative has its own strengths and limitations, so evaluating them based on project needs is recommended.
Troubleshooting Ngrok
Even with a straightforward setup, users may encounter issues when using Ngrok. Here are some common problems and solutions:
- Tunnel Not Starting: Ensure the local server is running and the specified port is correct.
- Port Already In Use: Check for other applications using the same port and stop them if necessary.
- Authentication Errors: Verify that the authtoken is correctly configured and matches your Ngrok account.
- Firewall Restrictions: Ensure firewalls or security software are not blocking Ngrok connections.
How Requestly Complements Ngrok
Ngrok and Requestly work together to create a complete testing and debugging environment. Ngrok creates secure tunnels that expose your local development server to the internet. This allows you to share your work or receive external webhooks. Requestly then complements Ngrok by intercepting and modifying the traffic that flows through these tunnels.
Here are a few ways Requestly complements Ngrok:
- Secure Public URLs: Ngrok creates a unique, secure web address for your local server, so anyone can access it from the internet.
- Webhook Testing: Many services need a public URL to send data (like webhooks). Ngrok provides that URL and forwards the requests to your local server.
- HTTPS Support: Ngrok automatically secures your URL with HTTPS, so you don’t have to deal with SSL certificates.
- Request Inspection: Ngrok lets you see all the HTTP requests going through the tunnel. You can inspect and replay them for easier debugging.
Conclusion
Ngrok streamlines the process of exposing local servers to the internet, making it an essential tool for developers, testers, and anyone needing remote access to local applications. Its secure tunneling, ease of use, and robust feature set support a wide range of development and testing scenarios.