
OpenClaw Security Best Practices: Protecting Your API Keys & Data

Henry
February 16, 2026

Let’s be honest: giving an AI assistant access to your email, files, and messaging apps is a bit terrifying.

I’ve seen people give OpenClaw access to their entire computer, their API keys, their business accounts… and then wonder why things went wrong.

This guide covers everything you need to know about running OpenClaw securely. Whether you’re setting it up yourself or working with someone who does setups, these are the practices that matter.

The Security Mindset

Before diving into specifics, understand this: OpenClaw is powerful because it can take actions. That same power is a security risk if misconfigured.

Think of it like giving someone keys to your house. You want to:

  1. Give them only the keys they need
  2. Know what doors those keys open
  3. Be able to change the locks if needed
  4. Monitor who’s coming and going

Same principles apply here.

API Key Security

The Problem

Your API keys (Anthropic, OpenAI, etc.) are essentially your credit card for AI services. If someone gets them, they can:

  • Run up massive bills on your account
  • Use your quota for their own projects
  • Access anything the API allows

Best Practices

1. Never commit keys to git

# Add to .gitignore
.env
.secrets
*.key
config.yaml  # if it contains secrets

2. Use environment variables

Instead of hardcoding keys in config files:

# In your .bashrc or .zshrc
export ANTHROPIC_API_KEY="sk-ant-..."
export OPENAI_API_KEY="sk-..."

3. Set spending limits

Every API provider lets you set spending caps:

  • Anthropic: Dashboard → Usage → Set limit
  • OpenAI: Settings → Billing → Usage limits
  • Set BOTH a soft limit (alert) and hard limit (stops)

4. Rotate keys periodically

Every 90 days, generate new keys and revoke old ones. Yes, it’s annoying. Do it anyway.

5. Use separate keys for different purposes

Don’t use your production key for testing. Create separate keys:

  • openclaw-prod for your main instance
  • openclaw-dev for experiments
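
Practices 1 and 2 can be enforced with a pre-commit check that refuses to commit anything shaped like a key. This is an added example, not part of OpenClaw or of the original guide; the key pattern is an assumption based on the `sk-ant-` and `sk-` prefixes shown above, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not OpenClaw code): block commits that stage key-shaped strings.
# Install as .git/hooks/pre-commit and make it executable.

# Assumed key shape: "sk-" or "sk-ant-" followed by 20+ key characters, not
# preceded by a letter or digit (so "task-..." identifiers do not match).
KEY_PATTERN='(^|[^A-Za-z0-9])sk-(ant-)?[A-Za-z0-9_-]{20,}'

# scan_stream NAME: read text on stdin and print "NAME:LINE" for every line
# holding a key-shaped string. The key itself is never echoed.
scan_stream() {
  grep -nE -e "$KEY_PATTERN" | cut -d: -f1 | while read -r line_no; do
    printf '%s:%s\n' "$1" "$line_no"
  done
}

# check_staged: scan the staged (index) version of each added, copied or
# modified file, which is what the commit would actually record.
# Returns 1 if anything key-shaped is staged. File names containing newlines
# are not handled.
check_staged() {
  hits=$(git diff --cached --name-only --diff-filter=ACM |
    while IFS= read -r path; do
      git show ":$path" 2>/dev/null | scan_stream "$path"
    done)
  if [ -n "$hits" ]; then
    printf 'Refusing to commit, possible API key at:\n%s\n' "$hits" >&2
    return 1
  fi
  return 0
}

# Run the check only when this file is installed as the pre-commit hook.
case "$0" in
  */pre-commit) check_staged || exit 1 ;;
esac
```

The hook reads the index rather than the working tree, so a key that was staged and then deleted from the file on disk is still caught.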

What We Do at SetupMyClaw

Every setup includes:

  • Proper environment variable configuration
  • Spending limits set before you start
  • Key rotation reminders in your setup docs
  • Recommendation to use separate test and production keys

Permission Lockdown

The Principle of Least Privilege

OpenClaw should only have access to what it needs. Nothing more.

File System Access

# Bad: Full access
sandbox:
  security: full
  
# Good: Restricted to workspace
sandbox:
  security: allowlist
  allowedPaths:
    - ~/Documents/openclaw-workspace
    - ~/Downloads

Tool Access

Don’t enable every tool just because you can. Start minimal:

# Start with read-only tools
tools:
  - web_search
  - read_file
  
# Add write tools only when needed
# - write_file
# - exec
# - browser

Messaging Permissions

If using Telegram/WhatsApp:

  • Create a dedicated bot account
  • Don’t give it access to all your chats
  • Use a specific group or channel for OpenClaw

Network Security

Basic Firewall Rules

If running on a VPS, lock it down:

# Allow SSH only from your IP
sudo ufw allow from YOUR_IP to any port 22

# Allow OpenClaw web UI only locally
# (access via SSH tunnel, not open internet)
sudo ufw deny 18789

# Enable firewall
sudo ufw enable

SSH Tunnel for Web Access

Never expose the OpenClaw web interface to the internet. Use an SSH tunnel:

ssh -L 18789:127.0.0.1:18789 user@your-server
# Then access http://127.0.0.1:18789 locally

Common Security Mistakes

Mistake 1: Running as Root

Bad: sudo openclaw gateway start

Good: Create a dedicated user:

sudo adduser openclaw
sudo su - openclaw
# Install and run as this user

Mistake 2: Exposing the Web Interface

The OpenClaw dashboard should NEVER be accessible from the public internet. Even with a password, it’s a target.
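
The firewall rule and SSH tunnel from the Network Security section only help if the gateway really listens on loopback. One way to verify that on the server, as an added example that is not part of OpenClaw or of the original guide: it parses `ss -ltn` output for port 18789 (the port used above), and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not OpenClaw code): confirm the web UI port is loopback-only.

# exposed_binds PORT: read `ss -ltn` output on stdin and print every local
# address listening on PORT that is not loopback (127.x.x.x or [::1]).
# Wildcards such as 0.0.0.0, [::] and * are reported.
exposed_binds() {
  awk -v port="$1" '
    $1 == "LISTEN" {
      addr = $4                                  # Local Address:Port column
      n = split(addr, parts, ":")
      if (parts[n] != port) next                 # different port
      host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
      if (host ~ /^127\./ || host == "[::1]") next
      print host
    }'
}

# audit_ui_port [PORT]: returns 0 if PORT is loopback-only or not listening,
# 1 if it is bound to a non-loopback address, 2 if ss is unavailable.
audit_ui_port() {
  port=${1:-18789}
  command -v ss >/dev/null 2>&1 || { echo "ss not found" >&2; return 2; }
  exposed=$(ss -ltn | exposed_binds "$port")
  if [ -n "$exposed" ]; then
    printf 'port %s is bound to non-loopback address(es):\n%s\n' \
      "$port" "$exposed" >&2
    return 1
  fi
  echo "port $port: no non-loopback listener"
}

# Run against the live host only when asked, e.g.: sh check_ui_port.sh --live
if [ "${1:-}" = "--live" ]; then
  audit_ui_port 18789
fi
```

A wildcard bind with the firewall rule in place is still worth fixing, because the listener becomes reachable the moment the firewall is disabled or reset.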

Mistake 3: Storing Secrets in Chat History

Don’t paste API keys or passwords into conversations with your AI. They get logged.

Mistake 4: Giving Full Exec Access

The exec tool can run any shell command. That’s incredibly powerful and dangerous.

# Safer approach
tools:
  exec:
    security: allowlist
    allowedCommands:
      - git
      - npm
      - python

Mistake 5: Ignoring Skills/Plugins Security

Skills from ClawHub are community-contributed. Before installing:

  • Check the author’s reputation
  • Read the skill’s code
  • Understand what permissions it needs

The CVE-2026-25253 vulnerability showed that malicious skills are a real threat.

Security Checklist

Use this before going live:

[ ] API keys in environment variables (not config files)
[ ] Spending limits set on all API providers
[ ] Running as non-root user
[ ] Web interface not exposed to internet
[ ] SSH using key authentication (not password)
[ ] Firewall enabled and configured
[ ] File access restricted to specific directories
[ ] Exec tool allowlisted (not full access)
[ ] Messaging bot in dedicated account/group
[ ] Skills reviewed before installation
[ ] Backup strategy in place
[ ] Key rotation reminder set (90 days)

Monitoring

Log Review

Check logs regularly for anomalies:

# View recent gateway logs
journalctl -u openclaw -n 100

# Look for errors
journalctl -u openclaw | grep -i error

Usage Monitoring

Set up alerts for unusual API usage. If your normal daily spend is $2 and suddenly it’s $50, something’s wrong.

Access Auditing

If multiple people access your OpenClaw:

  • Use separate user accounts
  • Review session logs
  • Know who did what and when

What About Cloud Providers?

If using a hosted solution (like our trial), security considerations shift:

Provider Responsibility:

  • Server hardening
  • Network security
  • Updates and patches

Your Responsibility:

  • Your API keys
  • What permissions you grant
  • What data you expose to the AI

Always ask your provider:

  1. Where is data stored?
  2. Who has access?
  3. What’s the backup/recovery process?
  4. How are updates handled?

Recovery Plan

Things will go wrong. Have a plan:

  1. Know how to stop OpenClaw quickly

    openclaw gateway stop
    # or
    systemctl stop openclaw

  2. Have API key revocation ready. Bookmark the pages where you can instantly revoke keys.

  3. Back up your configuration

    # Daily backup of config
    cp -r ~/.openclaw ~/backups/openclaw-$(date +%Y%m%d)

  4. Know your escalation path. If something goes really wrong, who do you contact?

Getting Help

Security is complex. If you’re not confident in your setup:

  • DIY with caution: Follow this guide, test thoroughly, start with limited permissions
  • Hire help: Professional setup ensures nothing is missed
  • Use managed hosting: Let someone else handle server security

At SetupMyClaw, security is built into every setup:

  • Proper permission configuration
  • Firewall rules set
  • SSH hardened
  • Monitoring configured
  • Documentation of what’s set up and why


Stay Updated

OpenClaw evolves. Security practices evolve. Stay current:

  • Follow @openclaw for security announcements
  • Join the OpenClaw Discord for community help
  • Subscribe to our blog for security updates

Questions about securing your setup? Email us. Security questions are always welcome.
