Security5 min read · Updated March 2026

How We Keep Your OpenClaw Setup Secure

Your data lives on your own server — not on our platform, not in a shared cloud. Here's exactly what we configure from day one, and what we check every week to make sure it stays that way.

Why self-hosting changes the security picture

With tools like ChatGPT or Notion AI, every message travels to someone else's servers. Their infrastructure, their storage, their terms. You're trusting their security team, their compliance, and their business decisions.

With OpenClaw, we deploy to a server you control — typically a Hetzner VPS in Germany. Your conversations, memory files, and automations stay on that machine. The AI model is still accessed via API (Anthropic or OpenAI), but everything surrounding it — your context, history, workflows — lives on your infrastructure.

What happens to your API calls

Your actual prompts do travel to the AI provider's servers for processing — the language model runs there, and that can't be avoided. But the policies for API usage differ significantly from consumer products:

Anthropic states explicitly: "We do not use API data for training (unless you have an agreement with us that states otherwise)." This is their published policy for API customers — different from Claude.ai (the chatbot), which may use conversations for model improvement.

💡 In practice: We use the Claude API for OpenClaw, not the consumer chatbot. Your conversations are processed but not used to train models. We verify this policy is current for whichever provider we configure for your setup.

What we configure on day one

Every setup we deliver includes the following from the start — not as optional extras:

Dedicated non-root user — OpenClaw runs under its own account with limited system permissions. A misconfiguration can't touch the rest of the server.
SSH keys only, passwords disabled — no brute-force surface for automated bots scanning port 22.
Firewall locked down — only the ports that need to be open are open. The OpenClaw gateway port (18789) is bound to loopback only — never exposed publicly.
fail2ban running — automatically bans IPs after repeated failed login attempts.
Secrets in environment variables — API keys and tokens are never stored in the workspace folder where the AI can read them.
File permissions hardened — ~/.openclaw/ is 700, credentials are 600.
Daily backups running — workspace synced to a second location automatically every night.

What we do every week

Security isn't a one-time setup. We run the following on a weekly schedule, automatically:

OpenClaw updates — npm install -g openclaw@latest runs every Sunday. Security patches ship regularly and we don't let them sit.
Security audit — openclaw security audit --deep checks for misconfigurations, exposed ports, permission issues, and known vulnerabilities. We alert you if anything needs attention.
Gateway health check — we verify the daemon is running and responding. If it's down, we know before you do.
Backup verification — we check that last night's backup completed successfully.

GDPR and data residency

We deploy on Hetzner's EU infrastructure by default (Germany or Finland). Your data doesn't leave the EU at rest. If you process personal data about clients or contacts, this matters: you remain the data controller, and the data stays on EU-based infrastructure under your control.

⚠️ One honest caveat: API calls to Anthropic or OpenAI go to US-based servers for processing. If you handle sensitive personal data — medical, financial, legal — we'll discuss this during setup and help you configure appropriate boundaries.

Sources

Want a secure setup from day one?

We configure everything correctly the first time and keep it that way. You don't touch the terminal.

Book a free call →