All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Help Us Secure Self-Hosted AI: OpenClaw Setup Script (Open Source)
Hey LET,
In the beginning of 2026, security researchers found 42,000+ OpenClaw instances running exposed to the internet with zero authentication. API keys, conversations, personal data, all wide open.
We decided to fix that.
The Project
We created an open-source setup script that installs and hardens OpenClaw properly:
π github.com/RareCloudio/openclaw-setup
It implements an 8-layer security model:
- nftables firewall (only SSH open)
- fail2ban (brute-force protection)
- SSH hardening (custom port, DenyUsers)
- Gateway token authentication
- AppArmor profiles
- Docker sandbox for agent code
- systemd isolation (NoNewPrivileges, ProtectSystem)
- Screen lock for desktop mode
The dashboard binds to localhost only; no more exposed instances.
Why We Need Your Help
We're a small team and we want this script to be bulletproof. The more eyes on the code, the better.
We're looking for:
- π Security researchers β Find vulnerabilities, suggest hardening improvements
- π» Developers β Add features, improve code quality, fix bugs
- π Documentation β Better README, tutorials, translations
- π§ͺ Testers β Try it on different environments, report issues
- π§ Linux experts β Support for more distributions (currently Ubuntu 24.04 only)
What You Get
All contributors will be credited in the README:
- Contributors section for code/docs/testing contributions
- Security Acknowledgments for vulnerability reports
- Sponsors section for significant contributions
We also welcome PRs, issues, and discussions on GitHub.
How to Contribute
- Check out the repo: github.com/RareCloudio/openclaw-setup
- Read CONTRIBUTING.md
- For security issues, email [email protected] (see SECURITY.md)
- For everything else, open an issue or PR
Questions? Ideas? Roast our code? Let us know below. π
Links:
- GitHub: github.com/RareCloudio/openclaw-setup
- Security Policy: SECURITY.md
A Note Before the Comments Roll In
We know how LET works. Someone will say this is just marketing, someone else will say the project is pointless, and a third will explain why we're doing everything wrong.
Here's the thing: we started this project because we wanted more people to have access to modern AI tools, safely. The script is free, open source, and works on any VPS from any provider. Yes, we sell pre-configured OpenClaw VPS for people who want a done-for-you option, but the script itself costs nothing and always will.
If you want to help, this is a win-win for everyone. The open source community gets a secure, maintained setup tool. Contributors get credited in all project documentation and on GitHub. We all benefit from more eyes on the security side.
If you think this is trash, feel free to scroll past. But if you have actual security expertise or development skills and want to make self-hosted AI safer for everyone, jump in. PRs, issues, code reviews, even just testing on your distro. Every contribution matters and every contributor gets recognized.
Comments
let them be it
last part is necessary for final boss gooner of LET
lol
)
was this setup script made with openclaw?
Ahahaa:)))
No, with Claude Code, lol
No AlmaLinux/ RHEL support...
Sadage
Nvidia is going to release NemoClaw, based on OpenClaw, which will be very secure and ready for enterprise deployment.
But, Kudos to the attempt !
uhh why we expose the openclaw to the internet? That is just an agentβ¦
this is the reason we asked for contributors.
Yes, seen the news. too. It sounds good, waiting for the release.
Hey everyone, bumping this thread with a quick update.
First, sorry for not being more active here lately.
We've been heads-down upgrading our infrastructure: building brand new servers with AMD Ryzen 7 5700G CPUs and NVMe storage for our Romania locations, which are almost ready. It's been consuming most of our time, but we haven't forgotten about this project.
To the haters: totally fine if this isn't your thing, feel free to scroll past. We get it, LET is LET. But please keep it constructive if you do comment, there are people here who genuinely want to learn and contribute, and noise doesn't help anyone.
To everyone else: we're still very much committed to making OpenClaw setup as easy, accessible, and secure as possible. The project is open source, free, and always will be. No catch.
What you get if you contribute:
Where we need help right now:
- User experience improvements: making OpenClaw accessible to people who are not Linux experts, simpler setup flows, better error messages, guided configuration
Repo: github.com/RareCloudio/openclaw-setup
Even a small PR, an issue, or just testing it on your setup and reporting back counts. Every bit helps and every contributor gets recognized. Thanks.
Do you expect others to develop a tool that you essentially use for self-promotion?
they will promote them-selves as well ... this is how open-source works