Security
How we protect your data
Last updated: 2026-02-20.
What we've built
- Dedicated VPS per user. Your assistant runs on its own private virtual machine — never shared with other subscribers.
- Gateway binds to loopback only. The OpenClaw process listens on 127.0.0.1:3001 — not a public interface. All external access goes through Caddy over HTTPS.
- HTTPS via Caddy. Your Control UI at *.bot.plugandclaw.com is served over HTTPS with automatic TLS certificates (Let's Encrypt).
- Disk encryption (LUKS2). Your data volume is encrypted at rest with a 512-bit key. A seized disk is unreadable without the key.
- SSH restricted by Hetzner firewall. Port 22 is only reachable from our control server IP — not open to the internet. All other ports are blocked except 80/443 (Caddy).
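The loopback-only and 80/443-only claims above can be checked from inside the VPS. The script below is an added example, not part of PlugAndClaw's page or tooling: it parses `ss -H -ltn` output and reports every listener bound to a non-loopback address whose port is neither 80/443 (Caddy) nor 22 (which the page says is filtered by the Hetzner firewall rather than by binding). The sample `ss` output is constructed.

```python
"""Audit listening TCP sockets against the layout above: only Caddy (80/443)
faces the network, SSH (22) relies on the cloud firewall, all else is loopback."""
import re
import subprocess

PUBLIC_PORTS = {80, 443}         # expected to be network-facing (Caddy)
FIREWALLED_PORTS = {22}          # network-bound, filtered by the Hetzner firewall
LOOPBACK = {"127.0.0.1", "::1"}
# Local Address:Port column of `ss -ltn`: "127.0.0.1:3001", "[::]:80", "*:22".
_ADDR_RE = re.compile(r"^\[?([^\]]*?)\]?:(\d+)$")

def parse_listener(field):
    """Split an ss local-address field into (host, port)."""
    m = _ADDR_RE.match(field)
    if not m:
        raise ValueError(f"unrecognised address field: {field!r}")
    return m.group(1), int(m.group(2))

def audit_listeners(ss_output):
    """Return (host, port) pairs reachable from the network that are in
    neither the public nor the firewalled port set."""
    exposed = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # header (when -H is omitted) or blank line
        host, port = parse_listener(cols[3])
        if host in LOOPBACK:
            continue  # local-only listener, as the gateway should be
        if port not in PUBLIC_PORTS | FIREWALLED_PORTS:
            exposed.append((host, port))
    return exposed

def audit_live_host():
    """Run ss on this machine and audit the real listener table."""
    proc = subprocess.run(["ss", "-H", "-ltn"], capture_output=True,
                          text=True, check=True)
    return audit_listeners(proc.stdout)

# Constructed sample (not captured from a real VPS): the expected layout
# plus one misconfigured line binding the gateway to all interfaces.
SAMPLE = """\
LISTEN 0 4096 127.0.0.1:3001 0.0.0.0:*
LISTEN 0 4096 *:80 *:*
LISTEN 0 4096 *:443 *:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 0.0.0.0:3001 0.0.0.0:*
"""
```

Running `audit_live_host()` on the VPS itself returns the listeners that neither loopback binding nor the 80/443 allow-list covers; on a correctly configured host it returns an empty list.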
What we can currently access
We believe in being honest about our access. Here is what PlugAndClaw technically can access today:
| What | How | Why |
|---|---|---|
| SSH to your VPS | Our private key in your server's authorized_keys | Support and provisioning |
| Token counts per request | Proxy logs — model name and token counts only, not message content | Usage tracking and billing |
| Your Telegram bot token | Stored in our database | Required for provisioning and bot lifecycle |
| Conversation content | Only via SSH — and only if support access is enabled by you | We do not access this during normal operations |
Support access window
By default, PlugAndClaw does not actively SSH into your VPS. If you need help from our team, you can click "Enable support access for 1 hour" in your dashboard. This sets a time-limited flag in our database.
Any SSH action our infrastructure attempts is checked against this flag. If the flag is not set, the action is blocked and logged. After the window expires, the flag clears automatically.
Note: this is an operational control. We still technically hold the SSH key. The roadmap item below describes how we will fix this permanently.
Roadmap
- Remove our SSH key post-provisioning. After your VPS is configured, our key will be deleted from authorized_keys. Support access will require you to temporarily issue a one-time key.
- Zero-knowledge conversation storage. PlugAndClaw will have no path to read your conversations, even if compelled.
- Audit log. Every support SSH session will be recorded and visible to you in the dashboard.
- User-controlled LUKS key. You will hold your own encryption key. We will never be able to decrypt your data volume without it.
Found a security issue? Email [email protected]. We aim to respond within 48 hours.