tahapaksu.com

Where hard to solve bugs become blog posts

Introducing Hooklink

2026-02-23 · Taha Paksu

I’ve been building webhook integrations for years. Stripe payments, GitHub CI triggers, Slack bots. Every time, the same friction: the third-party service needs a public URL, and my server is on localhost.

I’ve tried every workaround. ngrok gives you a random URL that changes on every restart. Stripe CLI only works for Stripe. Deploying to a staging server kills the feedback loop. None of them let you replay a webhook you missed or filter out the events you don’t care about.

So I built Hooklink.

What Is Hooklink?

Hooklink is a webhook-to-localhost bridge. You get a permanent subdomain like stripe-alice.hooklink.net that forwards incoming HTTP traffic to your local machine over a WebSocket connection. It works for webhooks and as a full HTTP tunnel.

The simplest way to try it:

npx @hooklink/cli listen 3000

No account, no config. You get a temporary public URL in under 30 seconds. When you’re ready for permanent URLs and the full feature set, create a free account.

Why Another Tunnel Tool?

Because tunneling is just the beginning. The tools I was using solved the “get traffic to localhost” problem but left everything else to me. I wanted something that understood webhooks as a first-class concept.

Here’s what Hooklink does differently:

Permanent, Memorable URLs

Every endpoint gets a URL in the format keyword-username.hooklink.net. You choose the keyword, it stays the same forever. Configure it once in Stripe, GitHub, or wherever, and never touch it again.

https://stripe-alice.hooklink.net
https://github-alice.hooklink.net
https://preview-alice.hooklink.net

No random hashes. No UUID soup. URLs you can actually remember and share with teammates.

Webhook Replay

Every request that hits your endpoint is logged with full headers, body, and response. Found a bug in your handler? Fix the code, then replay the exact webhook from the dashboard. One click.

You can also edit before replaying: change headers, modify the JSON body, tweak query parameters. This is invaluable for testing edge cases without waiting for the third-party service to send a specific event.

Need to regression-test an entire flow? Select multiple webhooks and bulk-replay them all at once.

Signature Verification at the Edge

Hooklink verifies webhook signatures before forwarding. It natively understands the signature formats used by Stripe, GitHub, Shopify, Slack, and Discord. For Stripe, it parses the t=timestamp,v1=signature header, validates the HMAC-SHA256 signature, and checks timestamp freshness to prevent replay attacks.

Forged requests never reach your machine.

Event Filtering

Only care about payment_intent.succeeded and invoice.paid? Configure an event filter that extracts the type field from the body and drops everything else. Filters support AND/OR logic and can match on headers or body fields using dot-path traversal.

Less noise, faster debugging.

Source Allowlisting

Lock endpoints to specific IP ranges or domains. The built-in integration templates come pre-loaded with official IP ranges from providers like Stripe (all 12 CIDR blocks). Requests from unknown sources get a 403 before any other processing happens.

HTTP Tunnels

Hooklink isn’t just for webhooks. Tunnel-type endpoints proxy all HTTP traffic (GET, POST, everything) and serve responses back to the caller. Share a local dev server for QA, test OAuth callbacks that need HTTPS, or demo a feature without deploying.

TLS termination happens at the edge. Your local server runs plain HTTP.

Multi-Target Connect

This is the feature I use every day. One CLI session, multiple endpoints, each routing to a different local service:

hooklink connect stripe,github,preview
Connected to 3 endpoints

  stripe-alice.hooklink.net   webhook  :3000
  github-alice.hooklink.net   webhook  :4000
  preview-alice.hooklink.net  tunnel   :5173

  stripe   POST --> payment_intent.succeeded
  stripe   POST <-- 200  12ms
  github   POST --> push
  github   POST <-- 200   8ms
  preview  GET      /dashboard  200

Stripe webhooks to your payment service, GitHub hooks to your CI handler, a preview tunnel to your frontend. One terminal window, one WebSocket connection. A multi-target session counts as a single connection toward your plan limit.

Integration Templates

Setting up a new provider shouldn’t mean reading their docs for 20 minutes to find the right IP ranges and signature format. Hooklink ships with 15+ built-in templates for services like Stripe, GitHub, Shopify, Slack, Discord, PayPal, Twilio, SendGrid, and more.

Click Use Template, and the endpoint is pre-configured with the correct source IPs, signature header, event types, and a sensible local target URL. Adjust what you need, create, and connect.

Analytics Dashboard

See your webhook traffic at a glance: request volume over time, status code distribution, endpoint usage breakdown, and latency percentiles. Useful for spotting patterns, identifying flaky handlers, and understanding which endpoints get the most traffic.

The Tech Stack

For the curious, here’s what powers Hooklink under the hood:

  • Backend: Fastify 5 (Node.js), running as three separate services: REST API, WebSocket server, and health monitor
  • Database: Supabase (PostgreSQL with Row-Level Security for strict data isolation)
  • Cache/Pub-Sub: Redis with circuit breaker and cross-instance bridging
  • Frontend: React 18, Vite, Tailwind CSS, shadcn/ui
  • CLI: Commander.js with WebSocket client, HTTP forwarder, and auto-update
  • Proxy: Caddy with automatic wildcard TLS via Cloudflare DNS challenge
  • Infrastructure: Dedicated Hetzner server in Europe, Cloudflare for DDoS protection

The WebSocket protocol handles auth, heartbeat, request/response forwarding, and graceful disconnection. When the CLI disconnects, webhooks are buffered in Redis for up to 5 minutes and flushed automatically when it reconnects. Failed deliveries go to a dead-letter queue and retry with exponential backoff.

Pricing

The free plan is genuinely useful for development:

  • 2,500 requests per week
  • 1 GB bandwidth per week
  • 3 endpoints
  • 1 concurrent connection
  • 3-day log retention
  • Full request logging and search

Paid plans start at $5/month for more endpoints, longer retention, bulk replay, and custom templates. See the full breakdown at hooklink.net/pricing.

Only successfully forwarded webhooks count toward your quota. Rejected, filtered, replayed, and retried requests are always free.

Getting Started

Try it right now without creating an account:

# Temporary webhook listener (30-minute session)
npx @hooklink/cli listen 3000

# Temporary HTTP tunnel
npx @hooklink/cli tunnel 3000

Or create a free account for permanent URLs and the full feature set:

  1. Sign up (no credit card)
  2. Create an endpoint from the dashboard or use an integration template
  3. Generate an API key
  4. Install and connect:npm install -g @hooklink/cli hooklink login --key hlk_your_key hooklink connect your-endpoint

That’s it. Webhooks flow to your machine, logged and replayable.

What’s Next

Hooklink is actively developed. Some things I’m working on:

  • Team workspaces with role-based access (owner, member, viewer) are already live
  • A public status page at hooklink.net/status
  • API v1 for programmatic access to endpoints, logs, and replay
  • More integration templates based on user requests

If you have feedback, feature requests, or run into issues, I’d love to hear from you. There’s a feedback form in the dashboard, or you can reach me directly.

Give it a try: hooklink.net

leave a comment