Pro Tips & Best Practices

OpenClawTips

Security, cost optimization, and best practices for running your AI assistant.

Security First

API Key Management

  • Never commit API keys to git repositories
  • Use environment variables for all secrets
  • Set up spending limits at Anthropic and OpenAI dashboards
  • Rotate keys monthly for production setups
# Add to ~/.zshrc or ~/.bashrc
export ANTHROPIC_API_KEY="your-key-here"
export OPENAI_API_KEY="your-key-here"

# Reload shell
source ~/.zshrc

Telegram Bot Security

  • Always disable privacy mode in @BotFather
  • Use allowFrom to restrict bot to your Telegram ID only
  • Don't share your bot username publicly

Server Hardening (VPS)

  • Enable UFW firewall: sudo ufw enable
  • Use SSH keys, disable password login
  • Set up Fail2Ban for intrusion protection
  • Keep system updated: sudo apt update && sudo apt upgrade

Cost Optimization

Set Spending Limits

Configure hard limits at your API providers to avoid surprise bills:

  • Anthropic Console → Billing → Set monthly limit
  • OpenAI Dashboard → Billing → Usage limits
  • We recommend starting with $50-100/month limits

Model Selection Strategy

Cheap Tasks

Use GPT-5 Mini or local Llama 3.2 for drafts, simple Q&A, summaries

Quality Tasks

Use Claude Sonnet for coding, complex reasoning, final polish

Use Local Models

Run Llama 3.2 locally via Ollama for zero API costs:

# Install Ollama
curl -fsSL https://ollama.com/install.sh | sh

# Pull a model
ollama pull llama3.2:3b

# Test
ollama run llama3.2:3b "Hello"

Performance Tips

Enable Auto-Start

Use launchd (Mac) or systemd (Linux) to start OpenClaw automatically on boot.

Use Ethernet

For 24/7 setups, ethernet is more stable than WiFi. Reduces disconnections.

Monitor Logs

Check logs regularly: openclaw logs --follow to catch issues early.

Backup Config

Back up ~/.openclaw regularly. Use a cron job to automate this.

Essential Commands

# Check OpenClaw status
openclaw gateway status

# View logs
openclaw logs --follow

# List installed skills
openclaw skill list

# Update all skills
openclaw skill update --all

# List cron jobs
openclaw cron list

# Restart gateway
openclaw gateway restart

# Check config
openclaw config validate

Common Issues

Bot not responding

  • Check gateway status: openclaw gateway status
  • Verify Telegram token in config
  • Ensure privacy mode is disabled in @BotFather
  • Check allowFrom has your correct Telegram ID

401/403 API errors

  • Verify API keys are set: env | grep ANTHROPIC
  • Reload shell profile after adding keys
  • Check if API key is valid at provider dashboard

High costs

  • Set spending limits immediately
  • Switch default model to GPT-5 Mini or local
  • Check for runaway cron jobs: openclaw cron list

Ready to Build?

Put these tips into practice with the complete setup guide.

Read the Setup Guide

Related Resources

We use cookies for analytics. Learn more

Free: AI Adaptation Playbook

Get it free