Safest Way to Set Up OpenClaw Safely Using Cloudflare Workers
(No Server Skills Needed)

What Is OpenClaw — And Why Is Everyone Talking About It?

OpenClaw (which you may know as Clawdbot or Moltbot — it's gone through names faster than most startups pivot) is currently one of the most talked-about AI tools of 2026. It crossed 180,000 GitHub stars within weeks of going viral, making it one of the fastest-growing open-source projects in history. People in the US are buying Mac Minis just to run it on dedicated hardware. In Singapore and across Asia, it's generating just as much buzz.

But here's what most people get wrong about it: OpenClaw is not a new AI model. It's not smarter than Claude or GPT-4. What it does is use existing large language models like Claude or GPT as its brain — essentially giving those AI models hands, and more importantly, continuity. The ability to act, not just respond.

With regular AI tools like ChatGPT, you ask a question, it gives you an answer, then it goes back to sleep. It reacts only when triggered. With OpenClaw, you give it a goal and it actually does the thing. It'll search the web, read your files, send emails, schedule meetings — whatever you need. And it runs 24/7 in the background through a process called a daemon that's always on, listening for two things: messages from you and scheduled tasks you've set up through cron jobs (for example, "check my stocks every 30 minutes").

It also maintains continuity by storing what it learns about you in text files and loading relevant pieces before each task. So when you combine all of this together — context continuity, autonomous execution, 24/7 availability — it starts to feel like you actually have a real assistant that knows you and can work independently without you having to prompt every single step.

That's the dream. And it's mostly real. But it comes with a catch.

Should You Run OpenClaw on Your Own Computer?

Here's something I want to address before anything else: where you run OpenClaw matters enormously.

OpenClaw can read your files, execute terminal commands, send emails, install software — essentially anything you can do on your computer yourself. That versatility and independence is exactly why it's so powerful. It's also exactly why you need to think carefully about what machine you install it on.

I would not install OpenClaw on your main work computer — the one where your client data, personal photos, and sensitive documents live. This is why many early adopters are running it on a dedicated device like a Mac Mini, or in the cloud.

There are two main cloud options. Let me explain both.

Option 1: VPS (Virtual Private Server)

A VPS is like a computer provisioned for you in the cloud, isolated from any other machines. Think of it like renting a small apartment in a big city. Your SSH key is the apartment key — it lets you in to rearrange furniture, install appliances, store valuables. When you run OpenClaw on a VPS, you're giving your AI assistant a copy of that key plus all the permissions to move furniture, install things, and make holes in the walls if you let it.

If something goes wrong, it doesn't affect your real computer — only the one in the cloud. But here's the catch: unless you understand security hardening, SSH configuration, firewall rules, and access controls, a VPS can actually be riskierthan you think. You now have a server exposed to the internet that needs to be properly secured. If someone breaks in, they get everything stored inside — and they might use it as their base of operations.

Option 2: Cloudflare Workers (What I Recommend for Non-Technical Users)

This is where Cloudflare comes in — and it's the approach I cover in this guide.

With Cloudflare Workers, the analogy changes. Instead of renting an apartment in the city, you're renting a kiosk inside a secure, managed shopping mall. You can run your assistant from the kiosk, but you never sleep there and you don't store your personal house keys in it. Cloudflare — the mall management — handles the security, manages the infrastructure, controls which doors the kiosk can and can't access.

So even if something goes wrong at the kiosk, the intruder is stuck in the mall. There's no door from the kiosk back to your house.

For non-technical users who want to try OpenClaw safely, deploying on Cloudflare Workers is the recommended path. You're not managing a server. You're not exposing your personal machine. Cloudflare handles the security infrastructure. It's essentially plug-and-play — connect your messaging apps, plug in your AI API keys, and you're good to go.

OpenClaw on Cloudflare vs VPS: Quick Comparison

Cloudflare WorkersVPSServer management requiredNoYesFirewall configuration requiredNoYesYour personal machine at riskNoNoSecurity hardening neededMinimalSignificantMonthly cost~$5/month~$6–20/monthBest forNon-technical usersTechnical usersRisk if misconfiguredLowHighMemory / continuityYes (via R2 bucket)Yes

What You Need Before You Start

Accounts to set up (all free to create):

• Cloudflare account — cloudflare.com

• GitHub or GitLab account — github.com

• Anthropic account — platform.anthropic.com

Paid plans required:

• Cloudflare Workers Paid Plan — $5/month (required for Cloudflare Sandbox containers)

• Cloudflare R2 Bucket — $0 (free tier)

• Cloudflare Zero Trust Plan — $0 (free tier)

• Anthropic API — billed per usage based on your Claude model and volume

Software to install:

• Node.js (nodejs.org) — Node.js runs the JavaScript environment that powers the deployment. If JavaScript is the DVD with the content you want to run, Node.js is the DVD player.

Step-by-Step: Deploying OpenClaw on Cloudflare Workers

Step 1: Go to the MoltWorker GitHub Repository

Head over to github.com/cloudflare/moltworker. This is the official Cloudflare repository with full documentation for deploying OpenClaw (via the MoltWorker wrapper) onto Cloudflare's infrastructure.

Two deployment options exist: via the Cloudflare UI (no command line needed) or via terminal commands. The documentation shows a lot of the terminal approach, but in this guide I'm walking through the UI approach — no terminal experience required (except for one short command to generate your gateway token).

Before clicking anything, I recommend reading through the architecture diagram in the documentation. It shows you exactly how access flows through the system:

• JWT Token (JSON Web Token): Like a ticket to get into a concert or cinema. It checks whether you have the right credentials to access your instance — not just anyone can get in.

• Gateway Keys: Additional security controls at the appropriate junctures.

• Sandbox Container: An isolated environment where the Control UI runs, separated from everything else.

• R2 Bucket: This is where OpenClaw stores its memory in text format — similar to an S3 bucket. This is what gives your assistant continuity, so it's not forgetting everything you've told it or tasks it's completed. Without this, it can't feel like a real 24/7 assistant.

Once you understand the architecture, continue with setup.

Step 2: Click "Deploy to Cloudflare"

In the repository documentation, there's a "Deploy to Cloudflare" button. Click it. If you don't have a Cloudflare account yet, create one free at cloudflare.com first.

You can also navigate manually via the left sidebar: Workers & Pages → Create a new Worker.

Step 3: Configure Your Deployment

Once inside the deployment setup screen, configure the following:

Git Repository:

• Connect to your GitHub or GitLab account (create one free at github.com if needed)

• Check "Create private git repo" — you don't want your deployment configuration shared publicly

• This creates a backup of everything you're building. If anything ever goes wrong, you can go back and see the latest build that was automatically saved

Project Name:

• Leave as default (e.g. moldbot-sandbox) or name it as you prefer

R2 Bucket:

• Select "Create new"

• Name it moldbot-data or similar

• Select the location hint closest to you — if you're in Singapore or Southeast Asia, choose the nearest available region

Step 4: Add Your Anthropic API Key

Go to platform.anthropic.com, log in, navigate to API Keys, and click "Create API Key". Name it something clear like openclaw-key, leave the workspace as default, and copy the key. Paste it into the Anthropic API Key field in the Cloudflare setup.

Keep this key secret. Revoke it immediately if you think it's been exposed. I revoke mine after every recording.

Step 5: Generate Your Gateway Token

The gateway token secures access to your OpenClaw gateway — treat it like a password.

Open your terminal (Mac: search "Terminal" in Applications; Windows: Command Prompt) and run:

bash

openssl rand -hex 32

This tells your system to generate a completely random string of characters. Copy the output and paste it into the MoltBot Gateway Token field in your Cloudflare setup. You theoretically could create your own password, but using OpenSSL-generated randomness is significantly more secure.

Step 6: Deploy

Hit "Create and Deploy". The build takes a few minutes. Cloudflare is initialising and deploying the MoltWorker to your environment — setting up all the necessary infrastructure pieces. Nothing is connected yet; it's just establishing the foundation.

Completing the Security Setup (Do Not Skip This)

Once the build completes, head back to Workers & Pages and open your new worker. You'll see its URLs and connected assets. Now it's time to lock everything down.

Enable Cloudflare Access

In the Settings tab of your worker, click the triple-dot menu and toggle on Cloudflare Access. A popup will show you:

• Audience Token — copy and store somewhere safe

• JWK's URL — copy and store too

This is a critical authentication layer that manages which applications can access your instance.

Configure Zero Trust Access Policies

Click "Manage Cloudflare Access" — this opens the Zero Trust dashboard. If prompted to subscribe to the Zero Trust plan, go ahead — it's $0.

In Zero Trust, navigate to Policies and confirm your email address is in the allow list. This ensures only you can authenticate and access the instance. You can add other people's email addresses here too if you want to grant access to anyone else.

Protect Your Paths

Following the documentation, add the paths you want to protect — specifically /admin/* and any others specified. Save the application, then copy the AUD tag that's generated.

Add Required Secrets

Go back to your Workers dashboard and add these secrets one by one (click Add secret each time):

Secret NameWhere to Find ItCF_ACCESS_AUDThe AUD tag from Zero Trust setupCF_ACCESS_TEAM_DOMAINZero Trust → Settings → your Team Domain

After adding each one, click Deploy to push all changes live.

Setting Up R2 Persistent Memory Storage

Without R2, your OpenClaw assistant loses all memory between restarts. This step is what makes it feel like a real 24/7 assistant rather than something starting fresh every time.

In your Cloudflare dashboard, navigate to Storage & Databases → R2 Object Storage. You should see your moldbot-data bucket from earlier.

Now create an API token for this bucket:

1. Click API Tokens → Create Account API Token

2. Set permissions to Object Read and Write

3. Apply to specific buckets only — select moldbot-data

4. TTL: set to your preference (Forever works fine — just revoke it if needed)

5. Click Create API Token

You'll get an Access Key ID and a Secret Access Key. Save both securely. Then add them as secrets in your Workers dashboard, along with your Cloudflare Account ID:

Secret NameWhere to Find ItR2_ACCESS_KEY_IDFrom R2 API Token creationR2_SECRET_ACCESS_KEYFrom R2 API Token creationCF_ACCOUNT_IDClick the three-dot menu on your Cloudflare dashboard homepage

Once all three are added, click Deploy.

First Login and Device Pairing

Navigate to your worker's URL (visible in Settings). You may see "waiting for MoltWorker to load" — give it one to two minutes.

If you see "invalid or missing token", don't panic. This just means you're at the device pairing stage — it's working correctly.

To complete pairing:

1. Go to your worker URL followed by /admin

2. Authenticate via the OTP sent to your email (first login only)

3. In the admin dashboard, look for a pending pairing request and approve it

4. If it doesn't appear immediately, wait a couple of minutes and refresh

Once approved, go back to your main worker URL and you can start chatting directly through the Cloudflare chat interface.

Connecting Your Messaging Apps

This is where it starts getting genuinely useful. In your dashboard, go to Channels to connect OpenClaw to the messaging apps you already use:

• WhatsApp

• Telegram

• Discord

• Slack

• Google Chat

• And more

Telegram is the easiest starting point, especially if this is your first time:

1. Open Telegram, search for @BotFather

2. Hit Start, then type /newbot

3. Give your bot a name and username (must end in _bot)

4. Copy the API token BotFather generates

5. Paste it into the Telegram field in your Channels settings

If you run into any issues connecting a specific platform, drop a comment on the video and I'll try to cover it in a follow-up.

Adding Skills: My Advice Is to Start Small

Under the Skills section in the sidebar, you'll find tools you can equip your assistant with — Google Workspace (Gmail, Calendar), GitHub, Notion, Slack, weather, and more.

I want to be direct about something here: connecting OpenClaw to your Gmail or Google Workspace is powerful. It can also go sideways if you're not careful. The assistant will try its best to follow your instructions, but AI agents can hallucinate, misinterpret context, and occasionally go off in unexpected directions. There have been real documented cases of agents behaving in ways their owners didn't intend.

My strong recommendation is to start small, in bits and pieces. Get comfortable with how the agent behaves on simple low-risk tasks before granting it access to sensitive systems. Observe how it handles things. Understand where it makes mistakes. Then expand its access deliberately and incrementally.

Why Cloudflare Workers Is the Safest Way to Run OpenClaw

If you're not deeply technical, here's the honest summary of why I recommend this approach:

You're not managing a server. No SSH configuration, no firewall rules to set up, no security patches to stay on top of. Cloudflare handles all of that.

Your personal machine is never at risk. If something goes wrong in the Cloudflare environment, it's contained there. There's no path from the sandboxed container back to your local files or network.

Multiple security layers work together. JWT authentication, Zero Trust access policies, gateway tokens, email-based allow lists — these don't just stack, they reinforce each other.

Your deployment is backed up. Your private GitHub repository holds your build history, so you can always reference or restore a previous configuration.

The cost is minimal. $5/month for Workers, plus Anthropic API usage. R2 storage and Zero Trust are free tier.

The tens of thousands of OpenClaw instances that security researchers found exposed were not compromised through sophisticated attacks. Most were simply left open by users who didn't complete the security configuration. This guide is specifically designed so that doesn't happen to you.

Frequently Asked Questions About OpenClaw Safety

What is OpenClaw and why is it trending? OpenClaw (formerly Clawdbot, then Moltbot) is an open-source AI agent that connects existing AI models like Claude or GPT to your real-world apps and systems. Unlike regular chatbots that only respond when asked, OpenClaw runs continuously and can take autonomous actions — sending emails, scheduling meetings, browsing the web, managing files. It went viral in early 2026 hitting 157,000 GitHub stars in weeks, and is one of the fastest-growing open-source AI projects ever.

Is OpenClaw safe to use? It can be, when deployed correctly. The biggest risk is misconfiguration — multiple security research firms including Censys and Bitsight detected over 30,000 publicly exposed instances within the first two weeks of the project going viral, with later independent scans putting the figure above 40,000. The Cloudflare Workers deployment method in this guide applies multiple security layers and removes the risk of exposing your personal machine.

What's the difference between OpenClaw, Moltbot, and Clawdbot? They are the same project under three different names. It launched as Clawdbot in November 2025, was renamed Moltbot on 27 January 2026 after trademark concerns from Anthropic, then became OpenClaw three days later. The technology and functionality are continuous throughout all three names.

Do I need to be technical to set up OpenClaw on Cloudflare? You need a basic understanding of how accounts and APIs connect together, but deep technical knowledge is not required. The Cloudflare UI walkthrough in this guide avoids most terminal usage — the only command-line step is generating your gateway token, which is just one short command: openssl rand -hex 32.

Should I run OpenClaw on my work laptop or personal computer? No. It is strongly not recommended to install OpenClaw on any machine where you store client data, sensitive documents, or anything you can't afford to have accessed or modified unexpectedly. Use a dedicated device, VPS, or Cloudflare Workers instead.

What AI does OpenClaw run on? OpenClaw is not an AI model itself — it's an agent framework. It uses existing LLMs like Anthropic's Claude or OpenAI's GPT as its reasoning engine. You connect your own API key from your chosen provider.

How much does running OpenClaw on Cloudflare Workers cost? Cloudflare Workers Paid Plan: $5/month. R2 storage: free tier (effectively $0 for personal use). Zero Trust access: free tier. Anthropic Claude API: charged per token based on usage and your chosen model.

What is the MoltWorker? MoltWorker is Cloudflare's official wrapper project that allows OpenClaw to run inside Cloudflare's Sandbox infrastructure. Instead of running OpenClaw directly on your machine or a VPS, MoltWorker moves the agent into a managed, isolated container environment on Cloudflare's network — with optional R2 storage for memory persistence.

Is OpenClaw available in Singapore? Yes. Singapore is one of the top three regions for OpenClaw deployments globally (alongside the US and China). All setup steps in this guide work regardless of your location, and Cloudflare's global infrastructure means you can select a data centre region close to Southeast Asia when setting up your R2 bucket.

What messaging apps does OpenClaw support? OpenClaw connects to WhatsApp, Telegram, Discord, Slack, Google Chat, Signal, and more. Telegram is generally the easiest to set up for first-time users.

Found this guide useful? Subscribe here for more automation walkthroughs. If you're stuck on any step, drop a comment in the video and I'll do my best to help.