How to Harden Your OpenClaw Security in 2026

nacre.sh Team | May 5, 2026 | 10 min read

Comprehensive OpenClaw security hardening guide for 2026. Covers tools.allow, firewall rules, credential management, skill vetting, and monitoring.

OpenClaw security hardening is essential for any self-hosted instance, particularly after the ClawHavoc malware campaign and CVE-2026-25253 demonstrated the real-world impact of insecure configurations. This guide covers every practical step to secure your OpenClaw installation.

1. Run as a Non-Root User

Never run OpenClaw as root. Create a dedicated system user:

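# Create a system account with no login shell
sudo useradd -r -s /bin/false openclaw
# Give that account ownership of the install directory
sudo chown -R openclaw:openclaw /home/openclaw/openclaw
# Start OpenClaw as the unprivileged user
sudo -u openclaw python -m openclaw start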

This limits the damage if OpenClaw is compromised — an attacker only gains the openclaw user's permissions, not root.

2. Configure tools.allow Strictly

The tools.allow file controls which system operations your agent can perform. Start with minimal permissions and add only what you need:

{
  "tools": {
    "allow": [
      "read_file",
      "write_file",
      "web_search"
    ],
    "deny": [
      "execute_command",
      "network_access",
      "read_env"
    ]
  }
}

Blocking execute_command prevents skills from running arbitrary shell commands, which significantly reduces the impact of a compromised skill.

3. Set Up a Firewall

On Ubuntu:

sudo ufw allow ssh
sudo ufw allow 443/tcp
sudo ufw deny 8080/tcp  # Don't expose OpenClaw directly
sudo ufw enable

OpenClaw's web interface should be behind nginx (with TLS), never exposed directly.

4. Vet ClawHub Skills Before Installing

Only install skills from verified publishers on ClawHub. Before installing any skill:

  • Check the publisher's verification badge
  • Review the skill's SKILL.md for requested permissions
  • Check the skill's GitHub repository for recent activity and open security issues
  • Avoid skills with execute_command in their required permissions unless absolutely necessary

5. Protect API Keys

Store API keys in environment variables, not directly in openclaw.json:

export ANTHROPIC_API_KEY=sk-ant-...

Reference in config:

{
  "llm": {
    "api_key": "${ANTHROPIC_API_KEY}"
  }
}

Never commit openclaw.json with real API keys to any version control system.

6. Enable Audit Logging

{
  "logging": {
    "level": "info",
    "audit": true,
    "audit_log_path": "~/.openclaw/audit.log",
    "log_tool_calls": true
  }
}

Audit logs record every tool call your agent makes, allowing you to detect anomalous behavior.
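
A configuration check covering steps 2, 5 and 6, as an added example that is not part of OpenClaw or of the original guide. It assumes the openclaw.json layout shown in the snippets above; the function name audit_config and both sample configs are constructed for illustration.

```python
import json
import re
# Tools this guide places under "deny"; treated as high-risk if allowed.
RISKY_TOOLS = {"execute_command", "network_access", "read_env"}
# An api_key value that consists solely of an environment reference, e.g. ${NAME}.
ENV_REF = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*\}$")

def audit_config(cfg: dict) -> list[str]:
    """Return findings for a parsed openclaw.json (layout assumed from this guide)."""
    findings = []
    tools = cfg.get("tools", {})
    allow = set(tools.get("allow", []))
    deny = set(tools.get("deny", []))

    for tool in sorted(allow & RISKY_TOOLS):
        findings.append(f"tools.allow grants high-risk tool: {tool}")
    for tool in sorted(allow & deny):
        findings.append(f"tool listed in both allow and deny: {tool}")
    for tool in sorted(RISKY_TOOLS - deny - allow):
        findings.append(f"high-risk tool not explicitly denied: {tool}")

    api_key = cfg.get("llm", {}).get("api_key")
    if api_key is not None and not ENV_REF.match(str(api_key)):
        findings.append("llm.api_key is a literal value, not a ${VAR} reference")

    logging_cfg = cfg.get("logging", {})
    if logging_cfg.get("audit") is not True:
        findings.append("logging.audit is not enabled")
    if logging_cfg.get("log_tool_calls") is not True:
        findings.append("logging.log_tool_calls is not enabled")
    return findings

# Constructed sample configs (not real deployments, not real keys).
HARDENED = json.loads("""{
  "tools": {"allow": ["read_file", "write_file", "web_search"],
            "deny": ["execute_command", "network_access", "read_env"]},
  "llm": {"api_key": "${ANTHROPIC_API_KEY}"},
  "logging": {"audit": true, "log_tool_calls": true}
}""")
WEAK = json.loads("""{
  "tools": {"allow": ["read_file", "execute_command"], "deny": ["read_env"]},
  "llm": {"api_key": "CONSTRUCTED-PLACEHOLDER-KEY"},
  "logging": {"audit": false}
}""")

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit_config(cfg) or "no findings")
```

Running a check like this in CI or a pre-commit hook catches a hard-coded key before openclaw.json reaches version control.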

7. Keep OpenClaw Updated

Security patches are released promptly for significant vulnerabilities. Set up a cron job to notify you of new releases:

0 9 * * 1 python -m openclaw check-updates

8. Use nacre.sh to Eliminate Infrastructure Security Burden

nacre.sh handles all infrastructure security automatically: firewall management, TLS, security patches, isolated instances, and encrypted credential storage. If managing VPS security feels overwhelming, switching to nacre.sh addresses all infrastructure concerns for $12/month.

Frequently Asked Questions

Should I enable two-factor authentication for the OpenClaw web interface?

Yes, if it's exposed to the internet. Configure 2FA in openclaw.json under web_interface.auth. Time-based OTP (TOTP) compatible with Google Authenticator is supported.

What monitoring is recommended for OpenClaw?

Basic uptime monitoring with Uptime Kuma (self-hosted) or BetterUptime (SaaS). For detailed alerting, configure OpenClaw's webhook notification on crash events.

Is there a security checklist I can follow?

The OpenClaw GitHub repository includes a SECURITY.md with an official hardening checklist that's updated with each major release.