Receiving Stripe and Mercado Pago webhooks on localhost (no deploy)

Anyone who has built e-commerce knows the situation: you're developing, you set up a Stripe or Mercado Pago webhook pointing to a public URL, but your server is on localhost:3000. The 3 traditional escape routes are:

1. Staging deploy on every change — works, but a 5-minute feedback loop kills productivity.
2. Free ngrok — works, but the URL changes on every reconnect; you have to update the Stripe dashboard each time.
3. SuperDMZ — fixed URL (your-project.dmzgate.com), local node, and the tunnel survives overnight.

Setup in 2 minutes

1. Install the client:

# Windows: download the installer at superdmz.com/download
# Linux/macOS:
curl -fsSL https://superdmz.com/download/LinuxInstaller.sh | sudo sh

2. In the panel, create an HTTP tunnel pointing to localhost:3000 (or your dev port). Pick a subdomain: myapp-dev.dmzgate.com.

3. In the Stripe / Mercado Pago dashboard, set the URL:

https://myapp-dev.dmzgate.com/webhook/stripe

Done. Every time Stripe fires an event, your local Express/Django/Laravel receives it.

Plus that helps with debugging

In the local panel (http://127.0.0.1:16500) you can see:

• Every TCP connection that arrived, with source IP and bytes
• Average latency (useful when you suspect the webhook timed out)
• "Pause this tunnel" button to stop receiving when you leave the office, without deleting the setup

What about auth-key?

Don't use auth-key for this case. Stripe and Mercado Pago don't support custom auth headers. Instead validate the HMAC signature they send in the header — that's the standard.