
OpenClaw Firewall Configuration for Security

nacre.sh Team · May 6, 2026 · 7 min read

Configure a proper firewall for your self-hosted OpenClaw deployment. UFW rules, Docker network isolation, and outbound restrictions explained.

Tags: openclaw firewall, self hosted ai firewall, openclaw network security, ufw openclaw

Proper firewall configuration is a fundamental security control for self-hosted OpenClaw. This guide covers Linux firewall setup (UFW and iptables), Docker network isolation, and outbound restrictions.

Basic UFW Setup

UFW (Uncomplicated Firewall) is the recommended approach for Ubuntu/Debian-based VPS:

# Default deny everything inbound, allow outbound
ufw default deny incoming
ufw default allow outgoing

# Allow SSH (use your custom port if changed)
ufw allow 22/tcp comment 'SSH'

# Allow OpenClaw API (only if you expose it externally)
# If OpenClaw is only used via Telegram bot, you don't need this
# ufw allow 8443/tcp comment 'OpenClaw API (HTTPS)'

# Enable
ufw enable
ufw status verbose

If your OpenClaw instance communicates only outbound (for example, receiving messages from Telegram or Discord), you don't need to open any inbound ports beyond SSH.

Docker Network Isolation

OpenClaw in Docker benefits from network isolation:

# docker-compose.yml
services:
  openclaw:
    networks:
      - internal
    # Only expose ports explicitly needed externally
    
  nginx:
    ports:
      - "443:443"
    networks:
      - internal
      - external

networks:
  internal:
    internal: true  # No external internet access
  external:
    driver: bridge

Only the nginx reverse proxy has external access. OpenClaw sits behind it. Note that `internal: true` removes the container's route to the outside entirely, so this layout only works if OpenClaw's own outbound calls (model APIs, Telegram) go through the proxy or a second, egress-filtered network.

Outbound Restrictions (Advanced)

For maximum security, restrict which external endpoints OpenClaw can reach:

# Allow only LLM API and messaging endpoints (verify these ranges against
# each provider's published address lists; they change over time)
ufw allow out to 54.91.0.0/16 port 443 comment 'Anthropic API'
ufw allow out to 64.233.0.0/16 port 443 comment 'OpenAI API'
# UFW does not accept hostnames, so resolve api.telegram.org to addresses first
for ip in $(getent ahostsv4 api.telegram.org | awk '{print $1}' | sort -u); do
    ufw allow out to "$ip" port 443 comment 'Telegram'
done

# Block all other outbound
ufw default deny outgoing

# Re-allow DNS
ufw allow out 53 comment 'DNS'

This is aggressive but dramatically limits exfiltration potential. Note that these rules govern processes on the host itself; traffic from Docker containers is forwarded through Docker's own iptables chains, so a containerised OpenClaw needs equivalent rules in the DOCKER-USER chain (see the FAQ below).
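The same allowlist as a repeatable script. This is an added example, not code from the post: it assumes an allowlist file of `destination port comment` lines (constructed here), that the host resolves names with getent, and that the CIDRs, taken from the post, have been verified against each provider's published ranges.

```shell
#!/bin/sh
# Added example, not code from the original post: generate a UFW outbound
# allowlist for an OpenClaw host. UFW only accepts IP addresses, so hostnames
# such as api.telegram.org are resolved first. Rules are printed (--dry-run)
# or piped into sh (--apply, run as root). Allowlist format is constructed here:
# one "destination port comment" per line; destination is an IP/CIDR or host.
set -eu

# resolve_dest DEST: print one IPv4 per line; literal IPs/CIDRs pass through.
resolve_dest() {
    case "$1" in
        *[!0-9./]*) getent ahostsv4 "$1" | awk '{ print $1 }' | sort -u ;;
        *)          printf '%s\n' "$1" ;;
    esac
}

# egress_rules ALLOWLIST RESOLV_CONF: print ufw commands in a safe order:
# allow rules first, DNS only to the configured resolvers, default-deny last
# so name resolution never disappears while the allowlist is still partial.
egress_rules() {
    while read -r dest port comment; do
        case "$dest" in ''|'#'*) continue ;; esac   # skip blank/comment lines
        resolve_dest "$dest" | while read -r ip; do
            printf "ufw allow out to %s port %s proto tcp comment '%s'\n" \
                "$ip" "$port" "$comment"
        done
    done < "$1"
    awk '/^nameserver/ { print $2 }' "$2" | while read -r ns; do
        printf "ufw allow out to %s port 53 comment 'DNS'\n" "$ns"
    done
    echo 'ufw default deny outgoing'
}

# Constructed sample allowlist; the CIDRs are the post's examples and must be
# checked against each provider's published ranges before use.
ALLOWLIST=$(mktemp)
cat > "$ALLOWLIST" <<'EOF'
# destination      port  comment
54.91.0.0/16       443   Anthropic API
64.233.0.0/16      443   OpenAI API
api.telegram.org   443   Telegram
EOF

case "${1:-}" in
    --apply)   egress_rules "$ALLOWLIST" /etc/resolv.conf | sh -e ;;
    --dry-run) egress_rules "$ALLOWLIST" /etc/resolv.conf ;;
    *)         echo "usage: $0 --dry-run | --apply" >&2 ;;
esac
rm -f "$ALLOWLIST"
```

If /etc/resolv.conf points at a local stub such as 127.0.0.53, pass a file listing the upstream resolvers instead, because the stub's own upstream queries are what the default deny would otherwise block.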

Monitoring Network Activity

# Install NetHogs for monitoring bandwidth by process
sudo apt install nethogs
sudo nethogs

# Or use ss to see active connections
watch -n 5 'ss -tnp | grep openclaw'

Review periodically for unexpected external connections.

nacre.sh Network Security

nacre.sh implements network isolation at the infrastructure level:

  • Each tenant's OpenClaw instance runs in an isolated network namespace
  • Outbound traffic is monitored and Prompt Shield detects exfiltration patterns
  • Infrastructure firewall restricts traffic to necessary API endpoints

nacre.sh users get network security without manual firewall configuration.

Frequently Asked Questions

Do I need a firewall if I'm running locally (home server)?

Yes. Your router's NAT provides some protection, but local network threats and misconfigured services mean a local firewall adds valuable defense-in-depth.

Should I use UFW or iptables directly?

UFW is appropriate for most users. If you need complex rules, iptables or nftables give more control. For Docker environments, consider combining Docker's iptables with UFW using the DOCKER-USER chain.

What if my VPS provider has a separate firewall?

Use both the provider's firewall AND UFW. Defense-in-depth applies to firewalls too. Configure both to the most restrictive rules you can maintain.
