Ngrok, secure tunnels to your Local Development Environment

Jorge L. Rios
Aug 3, 2017 · 3 min read

…or how I exposed my local services in 3 seconds?

Picture was taken from


Stay agile. Expose your local services in seconds. Ngrok describes itself as “expose a local server behind a NAT or firewall to the internet.”

When you use ngrok, you can expose your local web server, APIs, databases, etc. So, It’s easier to expose your services when you don’t have big changes and don’t wanna deploy it to your development environment. In other words, quickly and useful solution to demo without deploying.

My own case is:

I wanna expose my API Rest and Database to use them in a deployed AWS Lambda function.

Spoiler Alert: No more “but it works on my machine!”

Running Ngrok

Ngrok is very easy to install and don’t have run-time dependences. Just unzip it, add to your path and run it on your terminal. [1]

Step 1: Download ngrok

Download ngrok for your favorite OS.

Step 2: Unzip it

Unzip and, if you want, add it to your path (Move it to /usr/local/binor use your favorite command)

$ unzip /path/to/

Step 3: Run it!

Remember, you need to add ngrok to your path or use ./path/to/ngrok

$ ngrok help

Exposing HTTP’s Services

HTTP Tunnels are easier as a piece of cake:

$ ngrok http 8080

Then, you can see the ngrok UI in your terminal, for example:

ngrok by @inconshreveable

Tunnel Status online
Version 2.2.8
Web Interface
Forwarding -> localhost:8080
Forwarding -> localhost:8080

Connnections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00

In this example, you can access to your service (localhost:8080) through Sure, https it’s hot to go!

Now, you can access to your localhost from anywhere, including the International Space Station (ISS). Awesome, right?

What, are you using Virtual Hosts? Not problem.

You just need include the host-header flag:

$ ngrok http -host-header=myservice.local.vh port

For example, if I wanna expose this virtual host: jotarios.local.vh:80

$ ngrok http -host-header=jotarios.local.vh 80

Exposing networked services

TCP tunnels allow you to expose any networked service that runs over TCP. This is commonly used to expose SSH (Yes, SSH!), game servers (e.g. Minecraft), databases and more. Starting a TCP tunnel is easy.

First, you need sign up (for free) to expose this type of services.

Step 1: Sign up

Step 2: Get your authtoken

Step 3: Install your authtoken

$ ngrok authtoken YOUR_TOKEN_HERE

Step 4: Create your secure tunnel

$ ngrok tcp port

For example, I wanna expose a MySQL database, with a port 3306:

$ ngrok tcp 3306

Then, you can see the ngrok UI in your terminal, for example:

Session Status        online                                                                                           Account               jotarios (Plan: Free)                                                                          Version               2.2.8                                                                                          Region                United States (us)                                                                               Web Interface                                                                            Forwarding            tcp:// -> localhost:3306                                                     Connections           ttl     opn     rt1     rt5     p50     p90                                68      0       0.00    0.00    0.89    28.70

In this example, you can access to your database through Easy, right?

More information?

You can access to Docs or read FAQs.

Free user plan:

  • HTTP/TCP tunnels on random URLs/ports
  • 1 online ngrok process
  • 4 tunnels per ngrok process
  • 40 connections / minute (error 429)

Spoiler alert 2: If you don’t like the random name generated, you can use your own subdomain name (paid plans) to expose your services. Example:


Ngrok is a powerful tool to expose your local services through secure tunnels. You can use it to expose web servers, API Rest, SSH, game servers, databases and many others for free.

Thanks for reading ;)!



Important note:

ngrok does not log or store any data transmitted through your tunneled connections. does log some information about the connections which are used for debugging purposes and metrics like the name of the tunnel and the duration of connections. For complete end-to-end security, use a TLS tunnel.

About the Author:

I’m a Computer Science student in UTEC and Back-end Developer Jr. in Fandango Lat. Lover of Software development and Quality Education (SDG 4). I research about nodejs and robots, nodebots.

You can see my open-source projects in my account of Github:

Jorge L. Rios

Written by

@jotarios. See all my open-source projects in Github:

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade