Skip to main content
ngrok provides multiple layers of network security that you can apply to your endpoints using Traffic Policy. These controls let you restrict who can reach your local application at the network level.

IP restrictions

Limit access to your endpoint to specific IP addresses or CIDR ranges:
ngrok.yml

Mutual TLS (mTLS)

For environments that require client certificate verification, ngrok supports mutual TLS. This ensures that only clients presenting a valid certificate can connect to your endpoint. See the Agent TLS Termination documentation for configuration details.

Combining security controls

You can layer multiple security controls on a single endpoint. For example, combine IP restrictions with OAuth authentication:
ngrok.yml

Next steps