July 3, 2026 · 6 min read · RemoteWebAdmin Team

OpenClaw Firewall Rules: The Only 3 Ports You Should Open

OpenClaw firewall rules explained: UFW and iptables commands, cloud firewalls on DigitalOcean and Hetzner, and why port 18789 must never be public.

OpenClaw Firewall Rules: The Only 3 Ports You Should Open

OpenClaw Firewall Rules: The Only 3 Ports You Should Open

The correct OpenClaw firewall rules come down to one sentence: allow inbound TCP on ports 22, 80, and 443, deny everything else, and keep OpenClaw’s own port 18789 bound to localhost behind nginx. That is the entire posture. This guide gives you the exact UFW and iptables commands, the matching cloud firewall setup on DigitalOcean and Hetzner, and how to prove from outside that it all worked.

Which Ports Does OpenClaw Actually Need?

An OpenClaw server has exactly four ports that matter, and only three of them should ever accept traffic from the internet:

PortWhat it’s forFirewall action
22/tcpSSH admin accessAllow (then harden - see below)
80/tcpHTTP - Let’s Encrypt validation and redirects to HTTPSAllow
443/tcpHTTPS - all web and webhook traffic via nginxAllow
18789/tcpThe OpenClaw gateway itselfNever open - localhost only

Everything else - database ports, Node debug ports, anything a package installed without telling you - stays closed by the default-deny policy you are about to set.

The one people get wrong is 18789. It feels natural to open the port your app listens on. Do not. OpenClaw holds your AI provider API keys and your full conversation history; exposing the gateway directly means anyone who finds your IP can probe it. All traffic must arrive through nginx on 443, where you get TLS, access logs, and a single controlled entry point.

UFW ships with Ubuntu and is the simplest way to express the policy. Run these in order from an active SSH session:

sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp    # SSH
sudo ufw allow 80/tcp    # HTTP (Let's Encrypt + redirect)
sudo ufw allow 443/tcp   # HTTPS (all OpenClaw traffic via nginx)
sudo ufw enable

UFW warns that enabling may disrupt existing SSH connections. Because you allowed 22/tcp first, you are safe - confirm with y.

Check the result:

sudo ufw status verbose

You should see Default: deny (incoming), allow (outgoing) and exactly three allow rules. If there is a rule for 18789 from an earlier experiment, delete it:

sudo ufw delete allow 18789/tcp

Optional but worthwhile: rate-limit SSH so UFW itself throttles brute-force attempts:

sudo ufw limit 22/tcp

This replaces the plain allow rule and blocks IPs that open six or more connections in 30 seconds.

Step 2: iptables Equivalents

If you prefer raw iptables or run a distro without UFW, this ruleset expresses the same policy:

# Keep established connections working
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Loopback must stay open - nginx talks to OpenClaw over it
sudo iptables -A INPUT -i lo -j ACCEPT

# The three allowed ports
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

# Everything else: drop
sudo iptables -P INPUT DROP

The loopback rule matters more here than it looks. Nginx reaches OpenClaw at localhost:18789, so if you drop loopback traffic your site returns 502s even though nothing is “wrong” with either service.

iptables rules vanish on reboot unless you persist them:

sudo apt-get install -y iptables-persistent
sudo netfilter-persistent save

Pick UFW or iptables, not both - UFW manages iptables underneath, and hand-written rules alongside it lead to confusing conflicts.

Step 3: Keep Port 18789 Off the Internet

The firewall is your outer wall, but the binding address is the real fix. Verify what OpenClaw is listening on:

sudo ss -tlnp | grep 18789

Good output shows 127.0.0.1:18789. If you see 0.0.0.0:18789, OpenClaw is listening on every interface and only your firewall stands between the gateway and the internet. Fix the config so the exposure cannot happen at all:

server:
  host: "127.0.0.1"
  port: 18789

Then restart:

pm2 restart openclaw

This is defence in depth: even if someone disables UFW during troubleshooting and forgets to re-enable it, a localhost-bound gateway still is not reachable from outside.

Step 4: Add a Cloud Firewall Layer

Both providers from our VPS install guide offer free network-level firewalls that filter traffic before it ever reaches your server.

DigitalOcean: In the control panel, go to Networking, then Firewalls, and create a new firewall. Add inbound rules for TCP 22, 80, and 443, leave outbound open, and apply it to your droplet. Anything not matching an inbound rule is dropped at the network edge.

Hetzner: In the Cloud Console, open Firewalls and create one with the same three inbound TCP rules, then apply it to your server. Hetzner drops all non-matching inbound traffic by default once a firewall is attached.

Run the cloud firewall and UFW together with identical policies. The cloud layer protects you when someone flushes iptables during debugging; UFW protects you when a teammate detaches the cloud firewall “just to test something”. Neither layer should trust the other to be correct.

Rather not maintain this yourself?

We install and run managed OpenClaw for you - setup, SSL, firewall, updates, monitoring, and fixes when a channel breaks. Your AI assistant on WhatsApp, Telegram, Discord, or iMessage - always running.

See managed plans

Step 5: Harden the One Port That Stays Open

Port 22 is the only interactive door left, so it deserves extra locks.

Install fail2ban to ban IPs that hammer SSH:

sudo apt-get install -y fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Create /etc/fail2ban/jail.local:

[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 5

[sshd]
enabled = true
port = 22

That bans any IP failing SSH login 5 times within 10 minutes, for an hour. Confirm it is watching:

sudo fail2ban-client status sshd

Then disable password logins entirely in /etc/ssh/sshd_config:

PasswordAuthentication no
PermitRootLogin prohibit-password
PubkeyAuthentication yes

Restart with sudo systemctl restart sshd - after confirming your SSH key works in a second session, so you do not lock yourself out. With keys required and fail2ban running, brute-force attempts against port 22 become noise in a log file.

How Do I Verify My Firewall Rules From Outside?

Rules that look right from inside the server prove nothing. Test from a machine that is not your VPS - your laptop, or any other host you control.

Scan the public IP:

nmap -Pn YOUR_SERVER_IP

The expected result is ports 22, 80, and 443 reported as open and nothing else. Any additional open port is a rule you need to hunt down and remove.

Then attack the exact failure mode this guide exists to prevent:

curl -m 5 http://YOUR_SERVER_IP:18789

The correct outcome is a timeout or connection refused. If you get any response from OpenClaw, the gateway is publicly exposed - go back to Step 3 and check both the binding address and your firewall rules.

Finally, confirm the legitimate path works:

curl -I https://ai.yourdomain.com

A 200 or a redirect means nginx is serving traffic over 443 exactly as intended.

The Complete Checklist

  • UFW (or iptables) default-deny inbound, with only 22, 80, 443 allowed
  • No firewall rule for 18789 anywhere
  • ss -tlnp | grep 18789 shows 127.0.0.1:18789
  • Cloud firewall attached with the same three-port policy
  • fail2ban active on SSH, password authentication disabled
  • External nmap scan shows only 22, 80, 443
  • curl against port 18789 on the public IP fails

For the rest of the hardening picture - SSL verification, OpenClaw authentication, and the update routine - see the full security guide. And if you serve OpenClaw on a LAN or bare IP where Let’s Encrypt is not an option, the self-signed HTTPS guide covers that path.

Frequently Asked Questions

What ports does OpenClaw need open?

Only three: 22 for SSH, 80 for HTTP, and 443 for HTTPS. OpenClaw itself listens on port 18789, but that port must stay closed to the internet - all traffic reaches it through the nginx reverse proxy on 80 and 443. If your firewall shows any other inbound port open, close it.

Should the OpenClaw dashboard be exposed to the internet?

No. The OpenClaw gateway on port 18789 must be bound to localhost only and reached exclusively through nginx with HTTPS and authentication enabled. Verify with ss -tlnp | grep 18789 - the output must show 127.0.0.1:18789. If it shows 0.0.0.0:18789, fix the host setting in your config immediately.

Do I need both UFW and a cloud firewall like DigitalOcean's?

Use both. A cloud firewall filters traffic before it reaches your server, while UFW protects you if the cloud rules are ever misconfigured or removed. Apply the same policy in each layer - allow 22, 80, and 443 inbound, deny everything else - so neither layer depends on the other being correct.

How do I check my OpenClaw firewall rules from outside the server?

From a machine that is not your VPS, run nmap against your server's IP and confirm only ports 22, 80, and 443 report open. Then run curl http://YOUR_SERVER_IP:18789 - it must time out or be refused. If it returns anything from OpenClaw, port 18789 is publicly exposed and needs to be closed.

Does fail2ban replace a firewall for OpenClaw?

No - they solve different problems. A firewall decides which ports accept connections at all, while fail2ban watches the ports you left open (mainly SSH on 22) and bans IPs after repeated failed logins. Run both: UFW or iptables to close everything except 22, 80, and 443, plus fail2ban to defend the SSH port that stays open.

Ready for Your Personal AI Assistant?

Free 30-minute consultation. We'll assess your setup and recommend the right OpenClaw configuration for you.

Talk to an Expert