
How to Set Up OpenClaw (Claudebot) the Right Way (Without Getting Hacked)

The ultimate security-focused guide to setting up your own AI assistant safely and avoiding massive security vulnerabilities.

Milan, 6 min read

If you have watched any of those "5-minute" OpenClaw setup guides on YouTube, you need to be extremely careful. Most of these quick tutorials contain massive security vulnerabilities that could allow a hacker to access your computer, steal your API keys, and even access your bank accounts or crypto wallets in just a few minutes.

OpenClaw is not actually an AI itself; it is an open-source orchestration layer that acts as a message queue to call Large Language Models (LLMs) like GPT or Claude in a structured way. Because it works while you sleep and connects to your personal tools, you must be highly vigilant about the data you feed into it and how you secure it.

Here is the ultimate, security-focused guide to setting up your own AI assistant safely, drawing from best practices.

Phase 1: VPS Provisioning & Initial Connection

A lot of people are rushing out to buy Mac Minis to run OpenClaw, but you do not want to give this software access to your main operating system or open up traffic on your home internet network.

Instead, host it on a Virtual Private Server (VPS). A VPS runs in the cloud, is protected from physical disasters (like fires or floods), and is extremely cheap (often just $5 to $10 a month).

  1. Purchase a VPS: Select a reliable provider (such as Hostinger's KVM2 plan).
  2. Choose your Operating System: Opt for a plain operating system and select Debian 13 (Ubuntu is also acceptable). Do not enable Docker.
  3. Set a Root Password: Generate a completely random and highly secure root password during checkout and save it.
  4. Initial SSH Login: Once the server provisions, open your local terminal (Terminal on Mac/Linux, or Windows Terminal) and connect using the root user and your VPS's public IP address.
    • Run: ssh root@<your-vps-ip>
    • Paste your root password when prompted.

Phase 2: Installing Tailscale (Private VPN Tunnel)

By default, your VPS is accessible to the open internet, meaning anyone can ping it or attempt to guess your password. To prevent public internet traffic from accessing or attacking your server, you will create a secure, private network tunnel using Tailscale.

  1. Install Tailscale on the Server:
    • Run: curl -fsSL https://tailscale.com/install.sh | sh
  2. Start Tailscale:
    • Run: sudo tailscale up --ssh
  3. Authenticate the Server: A URL will appear in the terminal. Open it in your browser and sign in using a highly secure account (like Google).
  4. Connect Your Local Device: Download the Tailscale app on your personal computer, sign in with the exact same account, and connect to the VPN.
  5. Verify the Connection: Back in your server terminal, type tailscale status to confirm both your server and your local machine are communicating.

Phase 3: Server Hardening & Disabling Root Access

Now that you have a private tunnel, you need to disable public access entirely. You must lock down the server so that it only accepts connections from your Tailscale network and refuses root logins.

  1. Find your Tailscale IP: Go to your Tailscale Admin Console and copy the specific IP address for your server (it starts with 100.x.x.x).
  2. Edit the SSH Configuration: Open the SSH config file using Nano:
    • sudo nano /etc/ssh/sshd_config
  3. Modify the following lines:
    • Find ListenAddress (uncomment it by removing #) and set it to: ListenAddress 100.x.x.x (using your real Tailscale IP).
    • Find PasswordAuthentication and change it to no.
    • Find PermitRootLogin and change it to no.
  4. Save and Exit: Press Ctrl+O to save, press Enter, and Ctrl+X to exit Nano.
  5. Create a Non-Root User: Create a new user (e.g., tim) and add them to the sudo group so they have administrative privileges:
    • adduser tim (you will be prompted to create a password)
    • usermod -aG sudo tim
  6. Apply Changes: Restart the SSH service, then log out:
    • sudo systemctl restart ssh
    • logout
  7. Reconnect Securely: You will no longer be able to log in using the public IP or the root user. Reconnect using your new user and your Tailscale IP:
    • ssh tim@<tailscale-ip>
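
An added check for the Phase 3 settings (example code, not part of the original guide or of OpenClaw): `sshd -T` prints the configuration sshd will actually use, including values set by any included files, so auditing its output catches a setting that was edited in sshd_config but overridden elsewhere. The function and sample names are hypothetical, the sample output is constructed, and the address test relies on Tailscale assigning IPv4 addresses from 100.64.0.0/10.

```shell
#!/bin/sh
# Added example: confirm the Phase 3 settings are actually in effect.
# Real use on the server:  sudo sshd -T | audit_sshd
# (`sshd -T` prints the effective config with lowercase keywords.)

# Reads `sshd -T` output on stdin, prints one FAIL line per problem,
# returns 0 if hardened and 1 otherwise.
audit_sshd() {
    awk '
        function fail(msg) { print "FAIL: " msg; bad = 1 }
        $1 == "passwordauthentication" { pw = $2 }
        $1 == "permitrootlogin"        { root = $2 }
        $1 == "listenaddress" {
            seen = 1
            addr = $2
            sub(/:[0-9]+$/, "", addr)          # drop the ":port" suffix
            n = split(addr, o, ".")
            # Tailscale assigns IPv4 addresses from 100.64.0.0/10
            if (n != 4 || o[1] != 100 || o[2] < 64 || o[2] > 127)
                fail("sshd listens on non-Tailscale address " $2)
        }
        END {
            if (pw != "no")   fail("passwordauthentication is " (pw == "" ? "unset" : pw))
            if (root != "no") fail("permitrootlogin is " (root == "" ? "unset" : root))
            if (!seen)        fail("no listenaddress reported")
            exit bad + 0
        }
    '
}

# Constructed sample: effective config after following Phase 3.
sample_hardened() {
    printf '%s\n' 'port 22' 'listenaddress 100.101.102.103:22' \
        'permitrootlogin no' 'passwordauthentication no'
}

# Constructed sample: a fresh VPS still listening on every interface.
sample_default() {
    printf '%s\n' 'port 22' 'listenaddress 0.0.0.0:22' 'listenaddress [::]:22' \
        'permitrootlogin yes' 'passwordauthentication yes'
}

sample_hardened | audit_sshd && echo "hardened sample: OK"
sample_default  | audit_sshd || echo "default sample: not hardened"
```

Running it before the `logout` in step 6 keeps the root session open to fix anything it reports.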

Phase 4: VPS Firewall Configuration

  1. Navigate to the Firewall settings in your VPS provider's dashboard (e.g., Hostinger).
  2. Create a rule to block all incoming internet traffic to the server, with exactly one exception to allow Tailscale to function.
  3. Add an "Accept" rule for the UDP protocol on Port 41641, with the source set to "anywhere".

Phase 5: Install OpenClaw & Save on API Costs

  1. Go to the OpenClaw website and copy the one-liner installation command for macOS/Linux.
  2. Paste and run this command in your server terminal. It will install npm and OpenClaw.
  3. Configure the AI Model: When it comes time to configure the AI model, do not use a standard API key unless you want a massive bill. The smartest method is to connect your existing ChatGPT Pro subscription (via Codex) or your Anthropic Claude subscription. The terminal will provide a URL that you can open in your browser to authenticate and link your account, allowing you to use your standard monthly subscription limits.

Phase 6: Connecting to Telegram for Secure Chat

To actually speak with your bot, Telegram is the highly recommended, secure chat channel.

  1. Open Telegram on your local device and search for the verified contact BotFather.
  2. Send the message /newbot, give it a name, and create a username that ends in "bot".
  3. BotFather will provide an API token. Copy and paste this token into the OpenClaw setup prompt in your terminal.
  4. To ensure only you can talk to it, start a chat with your new bot in Telegram. It will give you an openclaw pairing approve Telegram command and a code. Paste this code into your server terminal.

Phase 7: Accessing the Web Dashboard Securely

OpenClaw has a web UI that runs on port 18789, but it is hidden behind your Tailscale network.

  1. Open a new, separate terminal window on your local computer.
  2. Forward the Port: Run the following command (replace the IP with your server's Tailscale IP and the user with your created username) to map the server's port to your local machine:
    • ssh -N -L 18789:127.0.0.1:18789 tim@100.x.x.x
  3. Open the Dashboard: Open your web browser and go to 127.0.0.1:18789.
  4. Authenticate: The UI will ask for a Gateway Token. Message your bot on Telegram and ask "How do I find the gateway token?". It will give you a command to run, which returns the token. Add ?token=YOUR_TOKEN_HERE to the end of the URL in your browser to log in.

The Golden Rule: Beware of Prompt Injections (Sandboxing)

As you add "skills" to your bot to make it more useful, remember one golden rule: never connect it to your primary email or main Google Drive.

If you connect your main Gmail, you are vulnerable to a "prompt injection attack". Someone could send you a malicious email instructing the bot to disregard its safety instructions and email your API keys or data to a hacker.

Always practice sandboxing: create a completely separate email address and Google account for your bot. Only forward safe, verified emails to the bot's account. By strictly controlling what inputs the bot can read, you completely eliminate the risk of external prompt injections.