Your dev server runs on port 3000. It works on your machine. The person who needs to see it is a client in another city, a stakeholder on a different continent, or a teammate working from home.
http://localhost:3000 does not leave your laptop. To make it accessible from the outside, you need to expose localhost to the internet.
Four methods exist. Each has different trade-offs for setup time, persistence, security, and suitability for client reviews. This guide covers all four and helps you pick the right one.
Why expose localhost to the internet
Developers expose localhost to the internet when someone outside their machine needs to view a local app before it gets deployed. The use cases cluster around review and validation:
- A client needs to see work in progress before it reaches staging.
- A stakeholder wants a demo of a feature branch.
- A teammate needs to check a bug fix on their own device.
- A QA tester needs to validate a flow without waiting for a deploy.
The pattern repeats: the developer creates a public URL for a local port, shares that URL, and the reviewer opens it in a browser.
Without a public URL, the alternatives are slow. You can deploy to staging for every review cycle, but that adds minutes or hours to each feedback round. You can screen-share over a video call, but the client cannot click, scroll, or test the build on their own. You can send screenshots, but screenshots cannot show interactions or responsive behavior.
Exposing localhost gives the reviewer a live, interactive build without a deployment step.
How to expose localhost to the internet
The fastest path to a public URL for client reviews uses a local tunnel tool. Install wiremaven as a dev dependency, initialize it, and start your dev server:
npm install -D wiremaven
npx wiremaven init
npm run devYour dev server starts as usual. wiremaven generates a temporary encrypted public URL and injects a floating overlay into your browser. Copy the URL. Share it with your client. The reviewer opens the link on their own device and interacts with your build as they would with any live website.
The tunnel auto-expires after your chosen duration. No dangling URL. No exposed port to remember to close. The review ends and so does access.
For projects without a framework integration, use the standalone CLI:
npx wiremaven-cli 3000 --expires 30mThe URL format follows the relay model: https://relay.wiremaven.com/p/<token>/. Visitors connect to the relay. The relay forwards traffic through an outbound-only WebSocket to your local server. Your machine never accepts inbound connections.
Four ways to expose localhost to the internet
Each method below covers a different balance of setup effort, persistence, and security. Choose the one that matches your review context.
Router port forwarding
You configure your home or office router to forward incoming traffic on a specific port to your local machine. You find your public IP address, log into your router’s admin panel, create a port forwarding rule, and point a domain or dynamic DNS service at your IP.
This is the most permanent method and the most complex. It requires router admin access, which corporate and co-working networks seldom grant. Many ISPs use Carrier-Grade NAT (CGNAT), which means your public IP is shared across multiple customers and cannot accept inbound connections at all.
Setup time: 15 to 30 minutes. Best for: self-hosted services that need permanent public access, such as a personal website or a development server that stays running.
Router forwarding gives you a URL that stays up. It does not encrypt traffic unless you configure TLS on your local server. It does not tell you who visited or what they did. For client reviews, the setup is too heavy and the exposure is too broad.
SSH reverse tunneling
You open an SSH connection from your local machine to a remote server with a reverse port forward. The remote server listens on a public port and forwards traffic back to your localhost.
ssh -R 8080:localhost:3000 user@your-server.comVisitors connect to http://your-server.com:8080, and the traffic tunnels back to your local port 3000. This requires an SSH server you control with GatewayPorts enabled in the SSH configuration. It also requires server administration knowledge.
Setup time: 5 to 10 minutes once the server is configured. Best for: developers who already have access to a VPS or dedicated server and want full control over the tunnel.
SSH tunnels encrypt traffic. They do not provide session visibility. You cannot see whether the reviewer opened the link, what pages they visited, or whether requests failed.
Cloud tunnel services
Cloudflare Tunnel, ngrok, and similar services run a client on your machine that connects to a cloud-managed relay. Traffic from the public internet hits the relay and forwards through the encrypted tunnel to your local server.
Cloudflare Tunnel requires installing cloudflared, authenticating with your Cloudflare account, and configuring DNS records. It targets permanent, production-grade exposure.
ngrok requires creating an account, installing the ngrok client, and authenticating. It provides a public URL with a web dashboard for inspecting request payloads. The free tier has usage limits and does not support custom domains.
As of June 2026, the npm registry shows ngrok at 137,012 weekly downloads, reflecting its position as the most adopted commercial tunneling tool.
Setup time: 2 to 15 minutes depending on the tool. Best for: developers who need persistent tunnels with traffic inspection and accept account setup.
Local tunnel tools
wiremaven, localtunnel, and bore generate a temporary public URL with a single command. No account. No authentication. No configuration file.
npm install -D wiremaven
npx wiremaven init
npm run devThe tunnel routes traffic through a public relay to your local dev server. The URL is random and time-limited. When the session ends, the link stops resolving. Nothing to clean up.
As of June 2026, the npm registry shows localtunnel at 749,207 weekly downloads, making it the most installed local tunneling package in the npm ecosystem.
Setup time: 30 seconds. Best for: client reviews, stakeholder demos, and ad-hoc sharing where the link should last as long as the review and no longer.
Method comparison
Each method solves a different job. The table below maps the trade-offs for review sessions.
| Method | Setup time | Account required | Persistent | Encryption | Best for |
|---|---|---|---|---|---|
| Router forwarding | 15-30 min | No | Yes | No (unless configured) | Self-hosted services |
| SSH reverse tunnel | 5-10 min | No (needs server) | Yes (until SSH drops) | Yes | Devs with server access |
| Cloudflare Tunnel | 10-15 min | Yes (Cloudflare) | Yes | Yes | Production services |
| ngrok | 2-5 min | Yes (free tier) | No (free tier) | Yes | General tunneling |
| wiremaven | 30 seconds | No | No (auto-expire) | Yes | Client reviews, demos |
| localtunnel | 30 seconds | No | No | No (relay-to-client) | Quick throwaway links |
Router forwarding and SSH tunnels give you a URL and nothing else. You cannot see who opened the link, what routes they visited, or whether errors occurred during the session.
ngrok provides a web dashboard with request logs, but it lives in a separate browser tab disconnected from your working context.
wiremaven surfaces session signals inside your browser through a floating overlay. The overlay shows viewer connections, request outcomes, error events, and expiry state. You know the reviewer opened the link. You know what pages they visited. You know whether a form submission failed. You know the sequence of everything that happened during the session.
For a client review, session awareness changes the feedback loop. A client visits your checkout flow. The overlay shows they reached /checkout and submitted the form. Then a 500 appears. You see it before the client finishes typing “the payment page is not working.” You fix the issue, restart the tunnel, and the client completes the flow. The whole cycle takes two minutes.
Without session awareness, you get an email three hours later with no details.
FAQ
Can I expose localhost to the internet without installing anything?
Yes, with caveats. Router port forwarding requires no software installation, but it needs router admin access and a public IP. Most laptops on corporate, co-working, or CGNAT networks cannot use this method.
Does exposing localhost to the internet create a security risk?
Any public URL to your local machine creates an entry point. Mitigate this with time-limited sessions, encrypted tunnels, and scoped review windows. Close the tunnel when the review ends. Do not leave localhost exposed after the session is complete.
Which method works for a client who cannot install software?
Local tunnel tools and ngrok require no software on the reviewer’s device. The reviewer opens a browser URL. Router forwarding, SSH tunnels, and Cloudflare Tunnel also work with a browser URL from the reviewer’s side. All four methods deliver a standard HTTPS link.
How long should I keep localhost exposed for a client review?
Match the exposure window to the review scope. Use 15 minutes for a quick approval, 30 minutes for a guided walkthrough, and 60 minutes when the client needs async review time. After the window closes, generate a fresh session if the client needs to inspect a changed flow.
What happens when the tunnel expires?
The public URL stops resolving. Traffic no longer routes to your local server. Your dev server continues running on localhost. Nothing to clean up and no dangling access to close by hand.
Get started
Expose your localhost for the next client review with a single command:
npm install -D wiremavenGenerate a temporary, encrypted, session-aware URL. Free during beta. No account required.
For full setup, see the wiremaven docs. For the tunnel model explained, read what is a localhost tunnel.
Related: What Is a Localhost Tunnel? · How to Share Localhost with a Client · Cloudflare Tunnel Setup