#Critical Security Audit Issues – OpenClaw Configuration Help Needed


shut pewter
#

Hello,

I am currently facing some security audit issues in OpenClaw and I need assistance resolving them.

Security audit
Summary: 1 critical · 1 warn · 1 info

CRITICAL Non-loopback Control UI missing explicit allowed origins
Control UI is enabled on a non-loopback bind but gateway.controlUi.allowedOrigins is empty. Strict origin policy requires explicit allowed origins for non-loop…
Fix: Set gateway.controlUi.allowedOrigins to full trusted origins (for example https://control.example.com). If your deployment intentionally relies on Host-header origin fallback, set gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback=true.

WARN No auth rate limiting configured
gateway.bind is not loopback but no gateway.auth.rateLimit is configured. Without rate limiting, brute-force auth attacks are not mitigated.
Fix: Set gateway.auth.rateLimit (e.g. { maxAttempts: 10, windowMs: 60000, lockoutMs: 300000 }).

Full report: openclaw security audit
Deep probe: openclaw security audit --deep

I previously had everything properly configured and working without issues. However, after updating to the latest version, this error began to appear.

desert mossBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

fringe pythonBOT
#

First thing: what version are you on now? (Please paste openclaw --version.) A bunch of these checks were tightened recently, so version matters.

That said, both findings are straightforward and usually show up right after switching gateway.bind away from loopback (LAN / tailnet / 0.0.0.0) or after enabling the Control UI remotely.

1) CRITICAL: “Non-loopback Control UI missing explicit allowed origins”

Newer releases require an explicit browser Origin allowlist when the Control UI is reachable on a non-loopback bind.

Fix it by setting gateway.controlUi.allowedOrigins to the full origins you will open the UI from (scheme + host + optional port; no path), e.g.:

{
  gateway: {
    controlUi: {
      allowedOrigins: [
        "https://control.example.com",
        // or: "http://192.168.1.50:18789",
        // or for local dev UI: "http://localhost:5173",
      ],
    },
  },
}

If you intentionally relied on Host-header fallback before (works but is considered a security downgrade / DNS-rebinding footgun), you can opt into the old behavior:

{
  gateway: {
    controlUi: {
      dangerouslyAllowHostHeaderOriginFallback: true,
    },
  },
}

{
  gateway: {
    auth: {
      // fix for the WARN finding: rate-limit auth attempts on a non-loopback bind
      rateLimit: {
        maxAttempts: 10,
        windowMs: 60000,    // plain digits: JSON5 does not accept 60_000 style separators
        lockoutMs: 300000,
        // (optional) typically true by default:
        exemptLoopback: true,
      },
    },
  },
}

Recommended “clean” setup (if you don’t actually need a LAN bind)

If your goal is “reachable remotely but safer”, the docs recommend keeping the Gateway on loopback and exposing it via HTTPS (e.g. Tailscale Serve). That often avoids the whole “non-loopback Control UI” class of issues.

If you paste:

  1. openclaw --version
  2. your gateway.bind value + how you access the UI (LAN IP? reverse proxy? Tailscale Serve?)
    …I can tell you exactly what allowedOrigins entries you should put in (people often miss the correct scheme/port).
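As an added example (not OpenClaw's own code, and written by the editor rather than the poster), here is a model of the two Origin-check modes the finding above describes, run against a DNS-rebinding style request. The config keys are the ones from the thread; the checking logic, the request shape ({ origin, host, scheme }), the audit rule and the sample configurations are assumptions made for illustration:

```javascript
// Added example (not OpenClaw's own code): a model of the Control UI Origin
// check in the two modes the audit finding describes. Config keys are the ones
// from the thread; the checking logic, request shape and audit rule are
// assumptions made for illustration.

// Reduce a string to a bare origin (scheme://host[:port]); returns null for
// anything that carries a path, query or fragment, or that does not parse.
// URL.origin lowercases the host and drops default ports, so
// "https://control.example.com:443" normalizes to "https://control.example.com".
function normalizeOrigin(value) {
  let url;
  try {
    url = new URL(value);
  } catch {
    return null;
  }
  if (url.pathname !== '/' || url.search !== '' || url.hash !== '') return null;
  return url.origin;
}

// Loopback test for a bind address such as "127.0.0.1", "::1" or "localhost".
function isLoopback(addr) {
  const h = String(addr).replace(/^\[|\]$/g, '').toLowerCase();
  return h === 'localhost' || h === '::1' || /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(h);
}

// Validate and normalize gateway.controlUi.allowedOrigins; an entry with a
// path (a common mistake) is rejected instead of silently never matching.
function loadAllowedOrigins(config) {
  const entries = config?.gateway?.controlUi?.allowedOrigins ?? [];
  const allowed = new Set();
  for (const entry of entries) {
    const origin = normalizeOrigin(entry);
    if (origin === null) throw new Error(`allowedOrigins entry is not a bare origin: ${entry}`);
    allowed.add(origin);
  }
  return allowed;
}

// The audit rule from the thread (assumed shape): a non-loopback bind with no
// explicit origins and no explicit opt-in to the fallback is CRITICAL.
function auditControlUi(config) {
  const bind = config?.gateway?.bind ?? '127.0.0.1';
  const cu = config?.gateway?.controlUi ?? {};
  if (isLoopback(bind)) return [];
  if (loadAllowedOrigins(config).size > 0) return [];
  if (cu.dangerouslyAllowHostHeaderOriginFallback === true) return [];
  return ['CRITICAL: Non-loopback Control UI missing explicit allowed origins'];
}

// Decide whether a browser request may reach the Control UI.
// request = { origin, host, scheme } as seen by the gateway; scheme is what the
// gateway itself serves and defaults to http (constructed shape, an assumption).
function originAllowed(config, request) {
  const allowed = loadAllowedOrigins(config);
  const fallback = config?.gateway?.controlUi?.dangerouslyAllowHostHeaderOriginFallback === true;
  const origin = request.origin ? normalizeOrigin(request.origin) : null;
  if (origin === null) return { ok: false, reason: 'missing or malformed Origin header' };
  if (allowed.has(origin)) return { ok: true, reason: 'origin is in allowedOrigins' };
  if (fallback && request.host) {
    // Fallback: accept when Origin equals "the host this request arrived on".
    // This is the DNS-rebinding hole: attacker.example is rebound to the
    // gateway's IP, so the browser sends Host: attacker.example and a matching Origin.
    const hostOrigin = normalizeOrigin(`${request.scheme ?? 'http'}://${request.host}`);
    if (hostOrigin === origin) return { ok: true, reason: 'host-header fallback (dangerous)' };
  }
  return { ok: false, reason: 'origin not in allowedOrigins' };
}

// Constructed scenario: the same rebound request against both configurations.
const strictConfig = {
  gateway: { bind: '0.0.0.0', controlUi: { allowedOrigins: ['https://control.example.com'] } },
};
const fallbackConfig = {
  gateway: { bind: '0.0.0.0', controlUi: { dangerouslyAllowHostHeaderOriginFallback: true } },
};
const rebound = { origin: 'http://attacker.example:18789', host: 'attacker.example:18789', scheme: 'http' };
const legit = { origin: 'https://control.example.com', host: 'control.example.com', scheme: 'https' };

function demo() {
  return {
    auditUnconfigured: auditControlUi({ gateway: { bind: '0.0.0.0' } }),
    auditStrict: auditControlUi(strictConfig),
    strictVsRebound: originAllowed(strictConfig, rebound),
    fallbackVsRebound: originAllowed(fallbackConfig, rebound),
    strictVsLegit: originAllowed(strictConfig, legit),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The strict allowlist rejects the rebound request because the attacker's origin is simply not listed; the Host-header fallback accepts it because Origin and Host agree, which is exactly what a rebinding attack arranges. That is why the explicit list is the fix and the fallback key carries the "dangerously" prefix. The helper also rejects allowlist entries that carry a path, since an entry like "https://control.example.com/ui" would otherwise never match a real browser Origin.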

pseudo gazelle
#

Where do you paste this?

{
  gateway: {
    controlUi: {
      dangerouslyAllowHostHeaderOriginFallback: true,
    },
  },
}

Is this directly in the TUI or do you have to adjust a file?

fringe pythonBOT
#

You paste that into your OpenClaw config (JSON5) — not into the TUI chat.

You’ve got 3 common options:

Option A) Edit the config file (most direct)

Open ~/.openclaw/openclaw.json and add it at the top level:

{
  gateway: {
    controlUi: {
      dangerouslyAllowHostHeaderOriginFallback: true,
    },
  },
}

Option B) Use the Control UI “Config” tab

Open the Control UI → Config → either:

  • use the form fields, or
  • Raw JSON editor, paste the snippet, save/apply.

(If you’re currently blocked from using Control UI remotely, do Option A or C first.)

Option C) CLI one-liner

openclaw config set gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback true

Important note

This setting is intentionally labeled dangerously…. The recommended fix is to set explicit origins instead:

{
  gateway: {
    controlUi: {
      allowedOrigins: ["https://control.example.com"],
    },
  },
}

Restart

Changes under gateway.* generally require a gateway restart to fully apply. If you’re running it as a service, this usually works:

openclaw gateway restart

If you tell me how you access your Control UI (LAN IP? reverse proxy domain? Tailscale Serve?), I can tell you exactly what to put in allowedOrigins (scheme/host/port matters).

shut pewter
#

fixed thanks

fringe pythonBOT
#

Nice.

If you also want to clear the WARN (rate limiting) from the audit, add this too:

{
  gateway: {
    auth: {
      rateLimit: {
        maxAttempts: 10,
        windowMs: 60000,
        lockoutMs: 300000,
        // optional:
        exemptLoopback: true,
      },
    },
  },
}

Then restart the gateway (or just rerun openclaw security audit and see if it’s happy).

Glad that helped — if this fixed it, please right-click the solution message → Apps → ✅ Mark Solution so Answer Overflow indexes it.
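
As an added example (editor's code, not OpenClaw's implementation), here is an in-memory auth rate limiter built around the four knobs the snippet above sets (maxAttempts, windowMs, lockoutMs, exemptLoopback), driven by a fake clock so you can see what each number does. The semantics chosen here (a sliding window of failures per client IP, a fixed lockout once the window fills) and the sample addresses are assumptions for illustration:

```javascript
// Added example (not OpenClaw's implementation): an in-memory auth rate limiter
// with the knobs from gateway.auth.rateLimit as named in the thread
// (maxAttempts, windowMs, lockoutMs, exemptLoopback). The semantics below
// (sliding window of failures per client IP, fixed lockout once it fills) are
// an assumption made for illustration.

function isLoopback(addr) {
  const h = String(addr).replace(/^\[|\]$/g, '').toLowerCase();
  return h === 'localhost' || h === '::1' || h === '::ffff:127.0.0.1'
    || /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(h);
}

class AuthRateLimiter {
  // `now` is injectable so the scenario below can drive a fake clock.
  constructor({ maxAttempts = 10, windowMs = 60000, lockoutMs = 300000, exemptLoopback = true } = {},
              now = () => Date.now()) {
    this.maxAttempts = maxAttempts;
    this.windowMs = windowMs;
    this.lockoutMs = lockoutMs;
    this.exemptLoopback = exemptLoopback;
    this.now = now;
    this.state = new Map(); // clientIp -> { failures: number[], lockedUntil: number }
  }

  exempt(ip) {
    return this.exemptLoopback && isLoopback(ip);
  }

  // Call before checking credentials. Returns { allowed, retryAfterMs }.
  check(ip) {
    if (this.exempt(ip)) return { allowed: true, retryAfterMs: 0 };
    const s = this.state.get(ip);
    const t = this.now();
    if (s && t < s.lockedUntil) return { allowed: false, retryAfterMs: s.lockedUntil - t };
    return { allowed: true, retryAfterMs: 0 };
  }

  // Call after a failed auth. Returns true when this failure tripped the lockout.
  recordFailure(ip) {
    if (this.exempt(ip)) return false;
    const t = this.now();
    const s = this.state.get(ip) ?? { failures: [], lockedUntil: 0 };
    s.failures = s.failures.filter((ts) => t - ts < this.windowMs); // sliding window
    s.failures.push(t);
    let tripped = false;
    if (s.failures.length >= this.maxAttempts) {
      s.lockedUntil = t + this.lockoutMs;
      s.failures = [];
      tripped = true;
    }
    this.state.set(ip, s);
    return tripped;
  }

  // A successful login clears the client's failure history.
  recordSuccess(ip) {
    this.state.delete(ip);
  }
}

// Constructed scenario on a fake clock: a fast remote brute-forcer, a slow one,
// and a loopback client, using the values from the thread.
function runScenario() {
  let clock = 0;
  const limiter = new AuthRateLimiter(
    { maxAttempts: 10, windowMs: 60000, lockoutMs: 300000, exemptLoopback: true },
    () => clock,
  );
  const attacker = '203.0.113.7';
  const out = {};
  for (let i = 0; i < 9; i += 1) limiter.recordFailure(attacker);
  out.allowedAfterNine = limiter.check(attacker).allowed;      // true
  out.trippedOnTenth = limiter.recordFailure(attacker);        // true
  out.retryAfterMs = limiter.check(attacker).retryAfterMs;     // 300000
  clock = 300000;
  out.allowedAfterLockout = limiter.check(attacker).allowed;   // true

  // Failures 7 s apart never put 10 inside one 60 s window, so no lockout.
  const slow = '198.51.100.9';
  let trippedSlow = false;
  for (let i = 0; i < 10; i += 1) {
    clock = i * 7000;
    trippedSlow = limiter.recordFailure(slow) || trippedSlow;
  }
  out.slowAttackerTripped = trippedSlow;                       // false

  for (let i = 0; i < 50; i += 1) limiter.recordFailure('127.0.0.1');
  out.loopbackAllowed = limiter.check('127.0.0.1').allowed;    // true
  return out;
}

console.log(runScenario());
```

Two practitioner caveats the scenario makes visible: the slow attacker shows that windowMs bounds the guess rate but does not stop a patient single client, so the lockout is only part of the defence and strong credentials still matter; and the counters are keyed on the client address, so behind a reverse proxy or Tailscale Serve the limiter must see the real client IP (trust X-Forwarded-For only from your own proxy), otherwise every caller shares the proxy's counter and one attacker locks everyone out.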

pseudo gazelle
#

Same with C. Also learned the set command so double win.