Security

How we keep your instances safe and what you can do to help.

Overview

Clawy provisions and manages dedicated virtual machines for each user. Security is foundational to everything we build — from the hypervisor layer up to the network edge. This page outlines the measures we have in place and what you can do to keep your environment secure.

Infrastructure Isolation

Every Clawy instance runs in its own dedicated virtual machine. There is no shared tenancy.

  • Each user gets a fully isolated KVM virtual machine via Proxmox VE
  • VMs have dedicated CPU, RAM, and disk — no resource sharing between instances
  • Network isolation via NAT (private 10.x subnet) and firewall rules
  • VMs cannot communicate with each other — only with the internet and the management layer

Data Protection

  • TLS everywhere — Caddy auto-provisions and renews HTTPS certificates for all instances
  • All infrastructure is hosted exclusively on Hetzner dedicated servers in Germany
  • No cross-VM data access — each VM's filesystem is completely isolated
  • Management API communication between Rails and the Proxmox agent uses TLS with bearer token authentication
  • Database connections are encrypted and access-controlled

What We Access (and Don't)

What we access

  • VM metadata: CPU usage, memory usage, disk usage, uptime, and running status
  • Network configuration: IP addresses, port mappings, and DNS records
  • Service health: whether OpenClaw gateway and system services are running

What we do NOT access

  • Your files, documents, or any data stored inside the VM
  • Your conversations, chat history, or AI interactions
  • Your Telegram messages or bot conversations
  • Your Claude CLI sessions or prompts

Your VM is your private environment. We treat it like a locked room — we can see the lights are on, but we don't look inside.

Authentication & Access Control

  • Passwords are hashed with bcrypt — we never store or transmit plaintext passwords
  • API keys use tiered permissions (read, manage, admin) — principle of least privilege
  • Web sessions use cookies set with the Secure and HttpOnly flags
  • SSH access to VMs uses key-only authentication — password login is disabled
  • The management agent uses bearer token authentication over TLS

Network Security

  • UFW firewall enabled on every VM with a default-deny inbound policy
  • fail2ban protects against brute-force attacks on SSH and other services
  • VMs live on isolated NAT networks with no directly internet-routable IPv4 address
  • Caddy reverse proxy terminates TLS at the edge before forwarding to VMs
  • Only explicitly allowed ports (SSH, gateway, dashboard) are open
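
To confirm from inside your own VM that the key-only SSH and default-deny UFW settings described above are still in effect, the following added example (not Clawy's own tooling) checks the text output of `sshd -T` and `ufw status verbose`. The function names, sample outputs and port numbers are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a VM against the SSH and UFW settings this page describes.
# Each check takes command output as text, so it can be exercised offline.

# check_sshd TEXT: TEXT is `sshd -T` output (effective config, lowercase keys).
# Keyboard-interactive must be off too, since with PAM it can still prompt for passwords.
check_sshd() {
    printf '%s\n' "$1" | awk '
        $1 == "passwordauthentication" { pw = $2 }
        $1 == "pubkeyauthentication"   { pk = $2 }
        $1 == "kbdinteractiveauthentication" || $1 == "challengeresponseauthentication" {
            seen = 1; if ($2 != "no") kbd_on = 1 }
        END { exit (pw == "no" && pk == "yes" && seen && !kbd_on) ? 0 : 1 }'
}

# check_ufw TEXT: TEXT is `ufw status verbose` output; require active + default-deny inbound.
check_ufw() {
    printf '%s\n' "$1" | awk '
        /^Status: active$/                     { active = 1 }
        /^Default: (deny|reject) \(incoming\)/ { deny = 1 }
        END { exit (active && deny) ? 0 : 1 }'
}

# open_ports TEXT: list the distinct port/protocol pairs that accept inbound traffic.
open_ports() {
    printf '%s\n' "$1" | awk '/ ALLOW IN / { print $1 }' | sort -u
}

# Constructed sample outputs (not captured from a real Clawy VM).
SSHD_SAMPLE='port 22
passwordauthentication no
kbdinteractiveauthentication no
pubkeyauthentication yes'
UFW_SAMPLE='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)'

# On a real VM, pass "$(sudo sshd -T)" and "$(sudo ufw status verbose)" instead.
check_sshd "$SSHD_SAMPLE" && echo "sshd: key-only login" || echo "sshd: password login possible"
check_ufw "$UFW_SAMPLE" && echo "ufw: active, default-deny inbound" || echo "ufw: NOT default-deny"
echo "inbound ports allowed:"; open_ports "$UFW_SAMPLE"
```

Review the port list it prints after any firewall change; an entry you do not recognise is an additional open port.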

Dos and Don'ts

Security is a shared responsibility. Here's how you can help keep your instance safe.

Do

  • Use a strong, unique password for your Clawy account
  • Keep your SSH keys safe and never share private keys
  • Use the lowest API key tier that meets your needs
  • Regenerate API keys if you suspect they've been compromised
  • Report security issues to us promptly

Don't

  • Share your API keys or embed them in public repositories
  • Disable the UFW firewall on your VM
  • Run untrusted code or scripts without reviewing them first
  • Open additional ports without understanding the implications
  • Share your Telegram bot token with third parties

Vulnerability Reporting

If you discover a security vulnerability, please report it responsibly. We take all reports seriously and will respond promptly.

Use our report page or email us directly at security@clawy.io.

Contact

For security-related questions or concerns, reach us at security@clawy.io.