Security Warning: OpenClaw grants AI full system access

Install OpenClaw

Choose your deployment path: Docker (recommended for isolation), local installation (best performance), or cloud VPS (24/7 availability). Complete setup guide with security best practices.

Choose Your Installation Method

Prerequisites

For Docker Install

  • Docker Engine 20.10+ or Docker Desktop
  • Docker Compose (optional, for production)
  • ~2GB free disk space
  • Port 18789 available on localhost

For Local Install

  • Node.js v22+ (check with node --version)
  • npm 10+ or pnpm 8+
  • macOS, Linux, or WSL2 (Windows)
  • ~500MB free disk space

Note: If you have old Clawdbot or Moltbot installations, remove them first to avoid conflicts: npm uninstall -g clawdbot moltbot

Docker Installation

Docker provides the safest and easiest way to run OpenClaw. The container is isolated from your host system, making cleanup simple and reducing security risks. This is the recommended method for production deployments.

Step 1: Quick Start

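# Pull and run official image
# Publish the Gateway port on localhost only, not on every host interface
docker run -d \
  --name openclaw \
  -p 127.0.0.1:18789:18789 \
  -v ~/.openclaw:/root/.openclaw \
  ghcr.io/openclaw/openclaw:latest

This command pulls the latest official image and starts a container named "openclaw". The -p 127.0.0.1:18789:18789 flag publishes the Gateway port on localhost only; a bare -p 18789:18789 would publish it on every host interface. The -v ~/.openclaw:/root/.openclaw flag mounts a volume for persistent storage.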

Step 2: Production Setup (Docker Compose)

# docker-compose.yml
version: '3.8'
services:
  openclaw:
    image: ghcr.io/openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    ports:
      - '127.0.0.1:18789:18789'  # Bind to localhost only!
    volumes:
      - ~/.openclaw:/root/.openclaw
    environment:
      # Listen address inside the container; host exposure is set by the ports mapping above
      - OPENCLAW_GATEWAY_BIND=0.0.0.0

Save this as docker-compose.yml and run docker-compose up -d. The restart: unless-stopped policy ensures OpenClaw automatically starts after system reboots.

Volume Persistence Critical

The ~/.openclaw volume stores critical data:

  • WhatsApp session authentication (QR code pairing)
  • API keys and service tokens
  • Conversation history and memory
  • Custom skills and configurations

Without this volume mount, you'll need to re-authenticate WhatsApp and reconfigure OpenClaw after every restart!

Local Installation

Local installation provides the best performance and full system access. However, it runs directly on your machine with your user permissions, making it the riskiest option. Only choose this if you need maximum performance or are comfortable with the security implications.

Step 1: Clean Old Versions

# Remove old Clawdbot/Moltbot installations
npm uninstall -g clawdbot moltbot
hash -r  # Clear shell cache

If you previously installed Clawdbot or Moltbot (OpenClaw's predecessors), remove them to avoid command conflicts. The hash -r command clears your shell's command cache, fixing "command not found" errors.

Step 2: Install OpenClaw

npm install -g openclaw@latest

The -g flag installs OpenClaw globally, making the openclaw command available system-wide. If you get permission errors, configure npm to use a user directory rather than running npm with sudo (see "Permission denied errors" under troubleshooting).

Step 3: Run Onboard Wizard

openclaw onboard --install-daemon

CRITICAL: Use --install-daemon Flag

Without this flag, OpenClaw runs in the foreground and stops when you close the terminal. This is the #1 cause of "my bot doesn't respond" issues. The daemon flag installs OpenClaw as a system service that persists across terminal sessions and system restarts.

Windows Users Must Use WSL2

OpenClaw does NOT support native Windows CMD or PowerShell. You must use WSL2:

  1. Install WSL2: Open PowerShell as Administrator and run wsl --install
  2. Restart your computer when prompted
  3. Install Ubuntu from Microsoft Store
  4. Open Ubuntu terminal and run all OpenClaw commands there

Cloud VPS Installation

Cloud VPS deployment provides 24/7 availability and remote access, making it ideal for production bots. However, it requires ongoing server maintenance and proper security configuration. Never expose port 18789 directly to the internet. Always use an SSH tunnel or bind to localhost only.

| Provider | Method | Main Pitfall | Cost | Best For |
|---|---|---|---|---|
| Hostinger | VPS Template | Finding Gateway Token | $6-10/mo | Beginners |
| Zeabur | Docker Image | Port binding restart loop | Usage-based | Developers |
| DigitalOcean | Droplet + Script | Firewall configuration | $6/mo | Power Users |

Hostinger: Finding Your Gateway Token

Hostinger offers a one-click OpenClaw VPS template. After installation, you need the Gateway Token to access the Web UI:

ssh root@your-vps-ip
cat ~/.openclaw/.env | grep OPENCLAW_GATEWAY_TOKEN

Use this token to log into the Web UI, which listens on port 18789 of the VPS. Reach it through an SSH tunnel (shown below) at http://localhost:18789 rather than exposing http://your-vps-ip:18789 publicly.

Zeabur: Fix Restart Loop

If your Zeabur container keeps restarting with Invalid --bind error, add these environment variables to your service configuration:

CLAWDBOT_GATEWAY_BIND=auto
CLAWDBOT_GATEWAY_PORT=18789

This allows OpenClaw to auto-detect the correct bind address in Zeabur's containerized environment.

Security: Use SSH Tunnel

NEVER expose port 18789 to the public internet. Use an SSH tunnel instead:

ssh -L 18789:127.0.0.1:18789 root@your-vps-ip

This creates a secure tunnel from your local machine's port 18789 to the VPS. Then access http://localhost:18789 in your browser. The connection is encrypted through SSH, keeping your OpenClaw instance secure.
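One way to confirm the gateway is only reachable through the tunnel, as an added example that is not part of the original guide or of OpenClaw itself: the functions below parse ss -H -ltn output and list any non-loopback address listening on port 18789. The sample lines are constructed, and exposed_listeners and gateway_is_private are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not OpenClaw code): find gateway listeners reachable off-host.
PORT=18789

# Reads `ss -H -ltn` output on stdin; prints each non-loopback local address
# listening on $PORT. No output means the gateway is loopback-only.
exposed_listeners() {
  awk -v port="$PORT" '
    {
      laddr = $4                            # column 4: Local Address:Port
      if (!match(laddr, /:[0-9]+$/)) next   # split at last colon (IPv6 safe)
      if (substr(laddr, RSTART + 1) != port) next
      addr = substr(laddr, 1, RSTART - 1)
      sub(/%.*$/, "", addr)                 # drop scope suffix such as %lo
      if (addr ~ /^127\./ || addr == "[::1]") next
      print addr
    }'
}

# Exit status 0 when only loopback listeners exist, 1 otherwise.
gateway_is_private() {
  found=$(exposed_listeners | tr '\n' ' ')
  if [ -n "$found" ]; then
    echo "port $PORT is reachable on: $found" >&2
    return 1
  fi
}

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
SAMPLE='LISTEN 0 4096 127.0.0.1:18789 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:18789 0.0.0.0:*
LISTEN 0 4096 [::]:18789 [::]:*
LISTEN 0 4096 [::1]:18789 [::]:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Flags the wildcard IPv4 and IPv6 binds; ignores loopback and other ports.
printf '%s\n' "$SAMPLE" | exposed_listeners

# Live check on a Linux host:  ss -H -ltn | gateway_is_private
```
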

Post-Install Configuration

Essential Security Steps

  1. Change default Gateway token
  2. Configure firewall (block port 18789 externally)
  3. Set up automatic updates
  4. Enable two-factor authentication where available
  5. Review our Security Risks guide

Next Steps

  • Connect WhatsApp (scan QR code)
  • Install useful skills from ClawHub
  • Configure your first agent
  • Set up scheduled tasks
  • Explore alternatives if needed

Common Issues & Troubleshooting

# Check if daemon is running
ps aux | grep openclaw

# Check logs
openclaw logs --tail 100

# Restart daemon
openclaw stop && openclaw start --daemon

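# Reset configuration (deletes everything in ~/.openclaw, including the
# WhatsApp session, API keys and history; back it up first if you need them)
rm -rf ~/.openclaw
openclaw onboard --install-daemon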

"Command not found" after installation

Run hash -r to refresh shell cache. If using nvm, restart your terminal.

Port 18789 already in use

Find and kill the process: lsof -ti:18789 | xargs kill -9

Permission denied errors

Don't use sudo with npm. Configure npm to use user directory instead.

Container keeps restarting (Zeabur)

Add CLAWDBOT_GATEWAY_BIND=auto environment variable.

Frequently Asked Questions

Which installation method should I choose?

Docker is recommended for most users as it provides isolation and easy cleanup. It's the safest option for production deployments.

Local installation offers the best performance and full system access, but has higher security risks since it runs directly on your machine.

Cloud VPS is best for 24/7 operation and teams, but requires ongoing server maintenance and proper security configuration. Never expose port 18789 to the internet.

Why is the --install-daemon flag important?

Without --install-daemon, OpenClaw runs in the foreground and stops when you close the terminal. This is the #1 cause of "my bot doesn't respond" issues.

The daemon flag installs OpenClaw as a background service that persists across terminal sessions and system restarts. It integrates with your OS's service manager (systemd on Linux) to automatically start on boot.

Can I run OpenClaw on Windows?

OpenClaw does not support native Windows CMD or PowerShell. Windows users must use WSL2 (Windows Subsystem for Linux).

Install WSL2 with wsl --install in PowerShell (as Administrator), restart your computer, then install Ubuntu from the Microsoft Store. Run all OpenClaw commands inside the Ubuntu terminal.

How do I fix the 'command not found' error after installation?

Run hash -r to clear the shell's command cache. This is especially common after uninstalling old versions (Clawdbot/Moltbot) or when using nvm to manage Node.js versions.

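If the issue persists, check that your npm global bin directory is in your PATH. The npm bin -g command was removed in npm 9, so on npm 10+ print the directory with: echo "$(npm prefix -g)/bin"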

Why is port 18789 security critical?

Port 18789 is OpenClaw's Gateway port for the Web UI and API. If exposed to the internet without authentication, attackers can:

  • Scan for it using services like Shodan
  • Access your OpenClaw instance if they guess or obtain the token
  • Execute arbitrary code on your server

Always bind to 127.0.0.1 (localhost) or use an SSH tunnel for remote access. Never expose this port publicly.

How do I backup my OpenClaw data?

The ~/.openclaw directory contains all your data: WhatsApp sessions, API keys, conversation history, and configuration.

For Docker: This directory is mounted as a volume. Back up the host directory.

For Local/Cloud: Back up this directory regularly. Consider using the SlowMist nightly audit script for automated backups to Git.
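Because the directory holds API keys and session credentials, a backup should be readable only by its owner. The following is an added example, not the SlowMist script or any OpenClaw tooling: loose_paths and backup_state are hypothetical helper names, and the demo runs on a constructed temporary directory standing in for ~/.openclaw.

```shell
#!/bin/sh
# Added example (not OpenClaw code): owner-only backups of the state directory.

# loose_paths DIR: print entries that group or other users can read,
# write or execute. API keys and session files should never appear here.
loose_paths() {
  find "$1" \( -perm -040 -o -perm -020 -o -perm -010 \
            -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# backup_state SRC DEST_DIR: archive SRC into DEST_DIR as a timestamped
# tar.gz that only the owner can read, and print the archive path.
backup_state() {
  src=$1
  dest=$2
  [ -d "$src" ] || { echo "not a directory: $src" >&2; return 1; }
  (
    umask 077                      # new archive is 0600, new DEST_DIR is 0700
    mkdir -p "$dest" || exit 1
    out="$dest/openclaw-$(date +%Y%m%d-%H%M%S).tar.gz"
    tar -czf "$out" -C "$(dirname "$src")" "$(basename "$src")" || exit 1
    printf '%s\n' "$out"
  )
}

# Demo on a constructed directory (stand-in for ~/.openclaw).
demo=$(mktemp -d)
mkdir "$demo/state" && chmod 700 "$demo/state"
echo 'TOKEN=constructed-placeholder' > "$demo/state/.env"
chmod 644 "$demo/state/.env"       # deliberately too open
loose_paths "$demo/state"          # reports the .env file
chmod 600 "$demo/state/.env"       # tighten before archiving
backup_state "$demo/state" "$demo/backups"
rm -rf "$demo"

# Real use:  loose_paths ~/.openclaw; backup_state ~/.openclaw ~/openclaw-backups
```
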

My cloud VPS container keeps restarting. How do I fix it?

On platforms like Zeabur or Railway, the container may restart in a loop with "Invalid --bind" error. This happens because the container can't auto-detect the correct network interface.

Add these environment variables to fix it:

CLAWDBOT_GATEWAY_BIND=auto
CLAWDBOT_GATEWAY_PORT=18789

Ready to install? Remember to review the security risks first.