> ngrok can not possibly be easier than port forwarding.
Oh come on, of course it can. I use port forwarding myself, but ngrok literally makes testing remote webhooks as simple as running "ngrok". That's it. It's definitely what I recommend coworkers who just want a quick solution to test out 3rd party service integrations.
>>but ngrok literally makes testing remote webhooks as simple as running "ngrok". That's it.
Not quite. If you are on the free tier, you also need to change your stripe/slack/whatever webhook URL to the new endpoint URL it gives you each time you run it.
Um, just signing up for ngrok - 10 times more effort than port forwarding. Then you have to learn how to ngrok. And thats that's before actually figuring out what ngrok really is, how sensible it is to route data through a third party etc. etc. etc.
For people without public IPs - why not just learn how to setup an SSH tunnel instead? Similar effort, save it as a script. Boom, you actually learned something useful too.
"learn how to ngrok" "figuring out what ngrok really is"
...really? You're trying very, very hard to dislike this tool and it's kind of funny. What is the objection to it, exactly? It makes a task easier. You don't have to use it, but others can.
If you're proposing SSH tunnels as an alternative, where am I SSHing to? I need a publicly accessible remote box. So I'll need to set that up, then set up an SSH tunnel. Or, install a CLI tool and learn one command.
Apparently, the gp simply believes that "port forwarding" is the be-all/end-all, and anything else is inferior.
I've used ngrok because it was something that I could generally count on other people being able to install. I can't always be sure they understand how to do some of the more advanced stuff being suggested in this thread (they may not have permissions, or time, or technical knowhow).
I don't dislike it, at all. People seem to like it and I have no reason to distrust that. And if you really don't have any box to SSH to and can't see any use of a VPS other than an SSH tunnel then fine - ngrok is probably great.
But... If the only reason you do this is because you haven't got a clue about what dynamic DNS is, as many here seems to do, or you feel that setting up a SSH tunnel is complicated then I'm going to assume that you have no clue about the security implications of using something such as ngrok (or an SSH tunnel) to your local machine - and should probably not under any circumstances be allowed to set one up at your office.
That assumption might be wrong, but the discussions here only reinforce my belief that the niche for this (perhaps excellent) tool should be extremely small even within the HN audience. And that it isn't (currently at the top of the front page) is quite concerning. It solves a very small problem that I can solve with tools I (and most people on HN) already have installed - without going through someone else's cloud. Without registering for yet another service (bad or good, doesn't matter).
I'm questioning that there is a need for this among the HN audience. And I'm questioning that most people that have a need for it should be allowed to use it. Whether the tool is awesome or not is besides the point.
I have no clue about the security implications. What can go wrong if I use ngrok for my development environment that receives development webooks? Please enlighten me.
I'm not sure you've ever used ngrok. There's no sign up. You literally just run the binary with a port as a argument and that's it. It also gives you access logging that you wouldn't otherwise have.
So it's not similar effort, especially given that I use it on my corporate network where doing port forwarding more assuredly would be difficult and problematic.
Run `ngrok http 3000` or whatever port your app is running on and you're done. Now you have both an HTTP and HTTPS endpoint that you can publicly access.
Some webhook providing services also require HTTPS. ngrok gives you that right off the bat. Setting up self signed certs and running nginx, or faking a FQDN and using xip so that you can register a real certificate seems like overkill if all you want to do is test a webhook.
ngrok is also perfect for live demo'ing apps to clients.