Is it reliable to run a service behind ngrok?


#1

Was playing around with ngork for some time. Wrote a simple web application in python and tunneled it through ngrok.io

This way the database, the application, everything can reside in our machine and can be accessed anywhere from the Internet.

https://ngrok.com/product

For running a server on the Internet, one needs a hosting space, static ip address & a domain name (optionally ;-)). Out of the three, hosting space & static IP are costly and one way to manage is run application in our machines like the above case and use dynamic dns services. Now ngrok is even more powerful than dynamic dns services, I am wondering if it is reliable to host a server of our own in our devices, say for example a XMPP/Jabber Chat server running on a beaglebone and tunnel the traffic through ngrok.io.

My question boils down to “Is the data to and from the devices that goes through ngrok.io is readable by ngrok.io servers?”

I saw they offer TLS connections too, does that mean the data is readable only by the device that requests it and by the device that provides it? Can ngrok.io read our data too?

Anyone have tried something similar?


#2

I wouldn’t trust the present hosted version of ngrok.
I am a regular user of ngrok. I started using ngrok from its 1.0 version, when it was opensourced.
Not anymore.
The old version could still be found here : https://github.com/inconshreveable/ngrok

But , yet I wouldn’t trust ngrok as such. But the one advantage is their tunnel also gives you a https access, which I always use and find it pretty ok.

the http version I think they can read the traffic, but not sure if they are.


#3

You can force https using --bind-tls=true. Atleast that’s what the documentation seems to suggest. How it’s implemented is a different story

Ref: https://ngrok.com/docs#tls


#4

--bind-tls=true, tls & -subdomain with our keys and certificates are available only under paid plan and their pricing are equivalent to vps cloud hosting.

I thought I could host services in our infra saving some cost and moreover until @ramaseshan pointed out, I am not aware of the fact that it is not open anymore. Apologies for raising a topic while it is not anymore related to FOSS.


#5

I am looking at FOSS alternative - LocalTunnel which has both server and client part available under a FOSS License and also the subdomain available for free, at the moment there is no pricing plans. I will stick around with it for some time.


#6

Why ngrok or localtunnel when dynamic dns would be just fine?

Besides, both ngrok and localtunnel seem to be only for http/https. It doesn’t look like arbitrary ports and protocols can be exposed.

I use the FreeDNS dynamic DNS service for my home server. FreeDNS is a gratis service.


#7

source code for version 1.0 https://github.com/inconshreveable/ngrok