ngsrv vs ngrok

Both ngsrv and ngrok solve the same core problem: take a local service and expose it on the public internet over HTTPS. They differ in how they treat config, security, and the developer's day-to-day workflow. This page walks through those differences without trash-talking.

ngsrv helps developers expose local services, share preview links, test webhooks, and get feedback faster. ngrok pioneered the category and remains the best-known option in it. Below is an honest look at where each one fits.

What is ngrok?

ngrok is a hosted tunneling service that lets you expose local servers, ingress to Kubernetes, and run API gateways. It's command-driven (ngrok http 80), has a long history, and a large ecosystem.

What is ngsrv?

ngsrv is a tunneling service built around a declarative YAML config you commit to git. The CLI looks similar (ngsrv http 3000), but the day-to-day flow is multi-tunnel by default, the security policies are on every plan, and the Kubernetes integration is a first-class sidecar with /healthz, /readyz, and /metrics.

At a glance

ngsrvngrok
One-command tunnelngsrv http 3000ngrok http 3000
Declarative multi-tunnel configngsrv run (built in)Limited (config file exists, less central)
Custom domains1 on Free; more on Pro+Included on paid plans
Reserved subdomainsIncluded on ProIncluded on paid plans
Free-tier security policies1 per type: IP, geo, header auth, time, rate limit, WAFOAuth on paid plans
Kubernetes sidecarFirst-class, Helm chart shippedAvailable, separate operator
Prometheus metricsOut of the box (/metrics)Available, separate setup
Stable exit codes for CIDocumentedLess granular

Where ngsrv is the better fit

You want config in git. If you'd rather have a ngsrv.yml checked in alongside your docker-compose.yml, ngsrv was built for that:

tunnels:
  - name: api
    port: 8080
    subdomain: api
    security_policies:
      - ngsrv_ips_office
      - ngsrv_rate_api

  - name: webhooks
    port: 9000
    subdomain: hooks

  - name: docs
    port: 3000
    domain: docs.example.com

Run all three with ngsrv run. The same file works locally, in CI, and in Kubernetes.

You want real security policies on the free tier. ngsrv ships every policy type on Free (one policy each) — IP allowlist, geo, header auth, time windows, rate limits, and WAF. Pro gives you 10 per type. No enterprise sales call to lock a tunnel to your office IP.

You want Kubernetes integration that looks like Kubernetes. The ngsrv sidecar exposes /healthz, /readyz, /metrics, and has a Helm chart. Probes work, scraping works, and the logs are structured JSON with stable exit codes.

You want pricing that doesn't penalize multiple tunnels. The Pro plan includes 10 tunnels by default with overage pricing per tunnel, not per-tunnel-per-region license math.

Where ngrok is the better fit

Brand familiarity. Some companies have ngrok in their approved-vendor list and that's that. Worth respecting.

Mature integrations. ngrok has been around longer and has more third-party docs, blog posts, and Stack Overflow answers. If you're stuck on a niche issue at midnight, there's more existing material to find.

Kubernetes Ingress Operator. ngrok has a dedicated K8s ingress operator with a substantial feature set if you're building it into a platform.

Migration notes

If you're already on ngrok and curious about ngsrv:

  1. Install: brew install ngsrv/tap/ngsrv (or curl -fsSL https://get.ngsrv.com | bash).
  2. Authenticate: ngsrv token <YOUR_TOKEN>.
  3. Replace ngrok http 3000 with ngsrv http 3000 in any scripts.
  4. For your ngrok.yml, the equivalent ngsrv.yml is a near 1:1 translation — tunnels: array with port, subdomain, domain, and policies.

Most teams report parity within an afternoon.

When to keep ngrok

If your team's pain point isn't config, security, or Kubernetes — and you're happy with ngrok's pricing — there is no reason to switch for the sake of switching. The honest position.

FAQ

Is ngsrv a drop-in replacement for ngrok? For the common case (http <port>) — yes. For advanced ingress operator features, the surface area differs.

Does ngsrv support custom domains like ngrok? Yes — Free includes one custom domain; Pro and Pay as you go include more. See /docs/cli/domains.

Are ngsrv tunnels secure? Yes. HTTPS terminates at the edge, and security policies (IP allowlist, rate limit, geo, header auth) are on every plan.

How much does ngsrv cost compared to ngrok? ngsrv's Pro plan starts at $7/month and includes 10 tunnels, 100GB bandwidth, 5 custom domains, and all security policies except mTLS. Check the /pricing page for the latest details.

Can I run ngsrv in Kubernetes? Yes — there's a first-class sidecar and a Helm chart, with /healthz, /readyz, and /metrics endpoints.