diff --git a/packages/noco-docs/docs/020.getting-started/020.environment-variables.md b/packages/noco-docs/docs/020.getting-started/020.environment-variables.md
index b82a71f320..4cc9bd0f7c 100644
--- a/packages/noco-docs/docs/020.getting-started/020.environment-variables.md
+++ b/packages/noco-docs/docs/020.getting-started/020.environment-variables.md
@@ -62,5 +62,6 @@ For production usecases, it is **recommended** to configure
 | NC_MINIMAL_DBS | Create a new SQLite file for each project. All the db files are stored in `nc_minimal_dbs` folder in current working directory. (This option restricts project creation on external sources) | |
 | NC_DISABLE_AUDIT | Disable Audit Log | `false` |
 | NC_AUTOMATION_LOG_LEVEL | Possible Values: `OFF`, `ERROR`, `ALL`. See [Webhooks](/developer-resources/webhooks#call-log) for details. | `OFF` |
-| NC_SECURE_ATTACHMENTS | Allow accessing attachments only through presigned urls. To enable secure set value as `true` any other value treated as false. (⚠ this will make existing links inaccessible ⚠) | `false` |
-| NC_ATTACHMENT_EXPIRE_SECONDS | How many seconds before expiring presigned attachment urls. (Attachments will expire in at least set seconds and at most 10mins after set time) | 7200 (2 hours) |
\ No newline at end of file
+| NC_SECURE_ATTACHMENTS | Allow accessing attachments only through presigned urls. To enable set value as `true` any other value treated as false. (⚠ this will make existing links inaccessible ⚠) | `false` |
+| NC_ATTACHMENT_EXPIRE_SECONDS | How many seconds before expiring presigned attachment urls. (Attachments will expire in at least set seconds and at most 10mins after set time) | 7200 (2 hours) |
+| NC_ALLOW_LOCAL_HOOKS | To enable set value as `true` any other value treated as false. (⚠ this will allow webhooks to call local links which can raise security issues ⚠) | `false` |
\ No newline at end of file
diff --git a/packages/nocodb/src/helpers/webhookHelpers.ts b/packages/nocodb/src/helpers/webhookHelpers.ts
index fac8f25147..3641a84b9b 100644
--- a/packages/nocodb/src/helpers/webhookHelpers.ts
+++ b/packages/nocodb/src/helpers/webhookHelpers.ts
@@ -178,7 +178,7 @@ export async function handleHttpWebHook(
 user,
 prevData,
 newData,
-) {
+): Promise {
 const req = axiosRequestMake(
 apiMeta,
 user,
@@ -244,12 +244,16 @@ export function axiosRequestMake(_apiMeta, _user, data) {
 }, {})
 : {},
 withCredentials: true,
- httpAgent: useAgent(url, {
- stopPortScanningByUrlRedirection: true,
- }),
- httpsAgent: useAgent(url, {
- stopPortScanningByUrlRedirection: true,
- }),
+ ...(process.env.NC_ALLOW_LOCAL_HOOKS !== 'true'
+ ? {
+ httpAgent: useAgent(url, {
+ stopPortScanningByUrlRedirection: true,
+ }),
+ httpsAgent: useAgent(url, {
+ stopPortScanningByUrlRedirection: true,
+ }),
+ }
+ : {}),
 };
 return req;
 }
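Review bot: Setting `NC_ALLOW_LOCAL_HOOKS=true` removes both `httpAgent` and `httpsAgent` from the request built in `axiosRequestMake`, so every webhook in the instance loses all destination filtering at once: loopback, private ranges, link-local metadata addresses and the `stopPortScanningByUrlRedirection` redirect guard. If `useAgent` comes from request-filtering-agent (the import is outside the hunk), a narrower form keeps the agent and opens only what the operator needs, for example `useAgent(url, { allowPrivateIPAddress: true, denyIPAddressList: ['169.254.169.254'], stopPortScanningByUrlRedirection: true })`, or an explicit `allowIPAddressList` of trusted internal hosts. The exact comparison with `'true'` fails closed for any other value, which is the right default. A comment above the spread such as `// SSRF guard: dropped only when the operator opts in via NC_ALLOW_LOCAL_HOOKS`, plus a one-time startup warning when the flag is on, would make the weakened state visible to whoever runs the instance. The body of `axiosRequestMake` starts outside the hunk.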