How to Set Up OpenClaw: The Complete Guide (2026)
OpenClaw has 154.5K GitHub stars and 2M weekly visitors. It's the most popular open-source AI agent framework.
This guide covers everything you need to set up OpenClaw correctly, from first install to production-ready deployment.
The Security Reality
Before you start, understand the stakes.
In January 2026, security researcher Maor Dayan found 42,665 exposed OpenClaw instances. 93.4% were vulnerable to exploitation. Cisco found 26% of agent skills contain vulnerabilities.
Simon Willison's "lethal trifecta" explains why: agents that access private data, are exposed to untrusted content, and can communicate externally are inherently dangerous without proper controls.
This guide shows you how to set up OpenClaw safely.
Two Paths to Set Up OpenClaw
Path 1: Managed Deployment (Recommended)
Clawctl handles security, infrastructure, and updates. 60 seconds to production.
Path 2: Self-Hosted Deployment
You manage security, infrastructure, and maintenance. 20-40+ hours of work.
This guide covers both. We recommend Path 1 for anyone running OpenClaw in production.
Path 1: Set Up OpenClaw with Clawctl
Step 1: Sign Up
Sign up at clawctl.com/checkout and your agent is provisioned in 60 seconds.
Step 2: Complete the Signup Flow
Complete the signup in your browser. First-time users will create an account, select a plan, and enter payment.
Step 3: Check Status
Open your dashboard at clawctl.com/dashboard.
Gateway Status
────────────────────────────────────────
Status: ● running
URL: https://your-id.tenant.clawctl.com
Plan: Starter ($49/mo)
Security (All Active)
────────────────────────────────────────
✓ Gateway Auth (256-bit token)
✓ Container Sandbox
✓ Egress Filtering
✓ Audit Logging
✓ Prompt Injection Defense
Done. Your OpenClaw is running with production security.
What Clawctl Configures Automatically
Clawctl generates a hardened openclaw.json with:
- Gateway binding: 127.0.0.1 (not 0.0.0.0)
- Token authentication: 256-bit, formally verified
- Control UI: Disabled
- mDNS discovery: Disabled
- Sandbox mode: All agents sandboxed
- Prompt defense: Enabled by default
- Egress filtering: Squid proxy, domain allowlist
These defaults address the vulnerabilities found in 93.4% of exposed instances.
Path 2: Self-Hosted Setup (Advanced)
If you choose self-hosting, here's the minimum viable secure configuration.
Prerequisites
- Node.js 20+
- Docker (recommended for isolation)
- Reverse proxy (nginx, Caddy, or Traefik)
- SSL certificate (Let's Encrypt)
Step 1: Install OpenClaw
```bash
npm install -g @anthropic/openclaw
```
Step 2: Create Secure Configuration
Create openclaw.json with security settings. The `bind` value `loopback` keeps the gateway on 127.0.0.1 so only the reverse proxy from Step 3 can reach port 18789; `lan` would expose the port to the whole network (check the exact mode name against the gateway docs for your installed version):

```json
{
  "gateway": {
    "bind": "loopback",
    "port": 18789,
    "auth": {
      "mode": "token",
      "token": "YOUR_256_BIT_HEX_TOKEN"
    },
    "controlUI": false,
    "discovery": {
      "mdns": { "mode": "off" }
    }
  },
  "sandbox": {
    "mode": "all",
    "scope": "agent"
  },
  "session": {
    "dmScope": "per-channel-peer"
  }
}
```
Generate a secure token (32 random bytes, printed as 64 hex characters):

```bash
openssl rand -hex 32
```
Step 3: Configure Reverse Proxy
Example nginx configuration:

```nginx
server {
    listen 443 ssl;
    server_name openclaw.yourdomain.com;
    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:18789;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
```
Step 4: Set Up Egress Filtering (Optional but Recommended)
Install Squid proxy to control outbound traffic:

```bash
apt install squid
```

Configure the allowlist in /etc/squid/squid.conf (a leading dot matches the domain and all of its subdomains):

```squid
acl allowed_domains dstdomain .anthropic.com .openai.com .github.com
http_access allow allowed_domains
http_access deny all
```
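Before deploying an allowlist it is worth checking which destinations it will actually let through. The script below is an added example (not part of Squid, OpenClaw or Clawctl) that reproduces the matching rule of Squid's `dstdomain` ACL type, where a leading dot matches the domain and every subdomain and an entry without a dot matches only that exact host, and evaluates the guide's three entries against a constructed list of hosts. It shows two practical points: a lookalike suffix such as `anthropic.com.example.test` is not matched, and `raw.githubusercontent.com` is not covered by `.github.com`, so anything the agent fetches from there is denied unless you add it deliberately.

```python
"""Preview what the Squid dstdomain allowlist above permits (added example)."""

# The three entries from /etc/squid/squid.conf in Step 4.
ALLOWED_DOMAINS = [".anthropic.com", ".openai.com", ".github.com"]


def domain_matches(pattern: str, host: str) -> bool:
    """Apply Squid's dstdomain rule for one ACL entry.

    ".example.com" matches example.com and every subdomain of it;
    "host.example.com" (no leading dot) matches that exact host only.
    """
    host = host.lower().rstrip(".")
    pattern = pattern.lower()
    if pattern.startswith("."):
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern


def egress_allowed(host: str, allowlist=ALLOWED_DOMAINS) -> bool:
    """Mirror `http_access allow allowed_domains` followed by `http_access deny all`."""
    return any(domain_matches(pattern, host) for pattern in allowlist)


def review(hosts) -> dict[str, str]:
    """Map each destination host to the verdict the proxy would give it."""
    return {h: ("allow" if egress_allowed(h) else "deny") for h in hosts}


# Constructed sample of destinations an agent might try to reach.
SAMPLE_HOSTS = [
    "api.anthropic.com",                # subdomain of an allowed entry
    "anthropic.com",                    # the bare domain itself
    "api.openai.com",
    "raw.githubusercontent.com",        # NOT under github.com: denied unless added
    "anthropic.com.example.test",       # lookalike suffix: must not match
    "pypi.org",                         # not on the list at all
]

if __name__ == "__main__":
    for host, verdict in review(SAMPLE_HOSTS).items():
        print(f"{verdict:5}  {host}")
```

Run it after every change to the ACL line and add the hosts your skills really need (the GitHub raw host is the usual surprise) rather than widening the entries to something like `.com`.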
Step 5: Set Up Audit Logging
Configure logging in openclaw.json:

```json
{
  "logging": {
    "level": "info",
    "destination": "/var/log/openclaw/agent.log",
    "format": "json"
  }
}
```
Step 6: Run with Docker (Recommended)

```dockerfile
FROM node:22-bookworm-slim
RUN npm install -g @anthropic/openclaw
# Run the gateway as an unprivileged user, never as root
RUN useradd -m openclaw
USER openclaw
WORKDIR /app
COPY openclaw.json .
COPY --chown=openclaw:openclaw workspace ./workspace
# Published only to 127.0.0.1 on the host; the reverse proxy terminates TLS in front of it
EXPOSE 18789
CMD ["openclaw", "serve"]
```
Self-Hosted Checklist
Before going live, verify:
- Gateway binds to localhost, not 0.0.0.0
- Token authentication is enabled
- Control UI is disabled
- mDNS is disabled
- Reverse proxy with SSL is configured
- Sandbox mode is enabled
- Egress filtering is configured
- Logging is capturing events
- Monitoring is in place
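To make this checklist mechanical, here is an added audit script (not part of OpenClaw or Clawctl) that reads an openclaw.json and reports every checklist item the file misses. It assumes the key names shown in the configuration snippets in this guide (`gateway.bind`, `gateway.auth`, `gateway.controlUI`, `gateway.discovery.mdns`, `sandbox.mode`, `logging.destination`) and treats `loopback` as the localhost-only bind mode; the sample config embedded at the bottom is constructed and deliberately left on `lan` with no logging block. The reverse-proxy and monitoring items live outside this file and still need a manual check.

```python
"""Audit an openclaw.json against the self-hosted checklist (added example)."""
import json
import re

# 32 random bytes from `openssl rand -hex 32` print as exactly 64 hex characters.
HEX_TOKEN_RE = re.compile(r"^[0-9a-f]{64}$", re.IGNORECASE)


def _get(cfg: dict, path: str, default=None):
    """Walk a dotted path through nested dicts; return default if any part is missing."""
    node = cfg
    for part in path.split("."):
        if not isinstance(node, dict) or part not in node:
            return default
        node = node[part]
    return node


def audit_config(cfg: dict) -> list[str]:
    """Return the checklist failures found in cfg; an empty list means it passes."""
    findings = []

    bind = _get(cfg, "gateway.bind")
    if bind != "loopback":  # assumed name of the localhost-only mode; 'lan' exposes the port
        findings.append(f"gateway.bind is {bind!r}; expected 'loopback' so only the reverse proxy reaches port 18789")

    if _get(cfg, "gateway.auth.mode") != "token":
        findings.append("gateway.auth.mode is not 'token'")
    token = _get(cfg, "gateway.auth.token", "")
    if not isinstance(token, str) or not HEX_TOKEN_RE.match(token):
        findings.append("gateway.auth.token is not a 64-hex-char (256-bit) value; generate one with `openssl rand -hex 32`")

    if _get(cfg, "gateway.controlUI") is not False:
        findings.append("gateway.controlUI is not disabled")

    if _get(cfg, "gateway.discovery.mdns.mode") != "off":
        findings.append("gateway.discovery.mdns.mode is not 'off'")

    if _get(cfg, "sandbox.mode") != "all":
        findings.append("sandbox.mode is not 'all'")

    if _get(cfg, "logging.destination") is None:
        findings.append("logging.destination is not set; audit logging would be missing")

    return findings


def audit_file(path: str) -> list[str]:
    """Load a config file from disk and audit it."""
    with open(path, encoding="utf-8") as fh:
        return audit_config(json.load(fh))


# Constructed sample: the Step 2 config with a generated-looking token,
# but bound to "lan" and without the Step 5 logging block.
SAMPLE_WEAK = {
    "gateway": {
        "bind": "lan",
        "port": 18789,
        "auth": {"mode": "token", "token": "a" * 64},
        "controlUI": False,
        "discovery": {"mdns": {"mode": "off"}},
    },
    "sandbox": {"mode": "all", "scope": "agent"},
}

if __name__ == "__main__":
    problems = audit_config(SAMPLE_WEAK)
    for problem in problems:
        print("FAIL:", problem)
    print("PASS" if not problems else f"{len(problems)} checklist item(s) failed")
```

Point `audit_file()` at the real file before each deployment (for example from a CI job or a pre-start hook) so a config that drifts back to `lan` or loses its logging block fails loudly instead of quietly shipping.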
Estimated time: 20-40 hours for initial setup, plus ongoing maintenance.
Adding Your LLM API Keys
With Clawctl
Enter your API key in the dashboard under Settings → API Keys. Paste your Anthropic or OpenAI key.
Keys are encrypted at rest and injected at runtime.
Self-Hosted
Use environment variables (never store keys in config files):

```bash
export ANTHROPIC_API_KEY="sk-ant-..."
export OPENAI_API_KEY="sk-..."
```
Connecting Messaging Channels
OpenClaw supports WhatsApp, Telegram, Discord, and more.
With Clawctl
Configure channels in the dashboard. Clawctl handles:
- Secure webhook endpoints
- Message routing
- DM pairing policies
Self-Hosted
Configure in openclaw.json:

```json
{
  "channels": {
    "telegram": {
      "enabled": true,
      "token": "YOUR_BOT_TOKEN",
      "dmPolicy": "pairing",
      "groups": {
        "*": { "requireMention": true }
      }
    }
  }
}
```
Testing Your Setup
Verify Security
```bash
# The gateway port must not be reachable directly from outside (expect "connection refused")
curl -I http://your-server-ip:18789/health
# Through the reverse proxy, an unauthenticated request must be rejected
curl -I https://your-openclaw-url.com/api/status
# Should return 401 Unauthorized
```
Verify Functionality
With Clawctl: Check status in the dashboard. Open the Logs tab to view recent activity.
Self-hosted:

```bash
curl -H "Authorization: Bearer YOUR_TOKEN" \
  https://your-openclaw-url.com/api/status
```
Why Managed Beats Self-Hosted
| Aspect | Self-Hosted | Clawctl Managed |
|---|---|---|
| Setup time | 20-40 hours | 60 seconds |
| Security config | Manual | Automatic |
| Updates | Manual | Automatic |
| Audit logging | DIY | Built-in |
| Human-in-the-loop | Build yourself | 70+ actions blocked |
| Kill switch | SSH access | One click |
| Ongoing maintenance | Your responsibility | Handled |
The 42,665 exposed instances weren't lazy developers. They were busy developers who underestimated the work required.
Next Steps
With Clawctl
- Checkout and get your tenant
- Add your API keys in the dashboard
- Connect your messaging channels
- Start building
Self-Hosted
- Complete the security checklist above
- Set up monitoring and alerting
- Plan for updates and maintenance
- Consider migrating to Clawctl when you're tired