How to Deploy OpenClaw on a Hostinger VPS: The Operator's Guide

Running OpenClaw on your own VPS is the difference between a demo and a production system. Your computer sleeping kills your agent. A VPS doesn't sleep. Here's the complete guide to deploying OpenClaw on Hostinger — the host we recommend at Remote OpenClaw — with proper configuration from day one.

Why Hostinger for OpenClaw

There are plenty of VPS providers. We recommend Hostinger for most operators because the price-to-performance ratio is hard to beat for an OpenClaw workload, their control panel is genuinely usable, and one-click Ubuntu deployments mean you're not debugging OS setup before you've even started.

For what OpenClaw needs — primarily Node.js running continuously, outbound API requests, and a modest amount of storage for memory and logs — even their entry-level KVM 1 plan is sufficient.

Minimum specs that work:

• 1 vCPU, 4GB RAM, 50GB NVMe
• Ubuntu 22.04 LTS
• KVM virtualization (not OpenVZ — you want real kernel access)

For operators running multiple agents or heavier automation workloads, step up to KVM 2 (8GB RAM). Don't go below 4GB; OpenClaw plus Node plus a live messaging connection will spike above 1GB regularly.

Initial Server Setup

Once your VPS is provisioned and you have the IP address and root credentials, SSH in:

ssh root@YOUR_SERVER_IP

Start with the basics before touching OpenClaw:

# Update everything
apt update && apt upgrade -y

# Create a non-root user (don't run OpenClaw as root)
adduser openclaw
usermod -aG sudo openclaw

# Set up SSH key auth for your new user (from your local machine)
# ssh-copy-id openclaw@YOUR_SERVER_IP

# Switch to your new user
su - openclaw

Running OpenClaw as root is the kind of shortcut that causes problems later. Take the two minutes to set up a dedicated user.

Installing Node.js

OpenClaw requires Node.js 18 or later. Install the LTS version:

curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt-get install -y nodejs
node --version  # Should show v22.x.x

Installing OpenClaw

npm install -g openclaw
openclaw --version

Run the onboarding wizard:

openclaw onboard

The wizard asks for your AI provider API key, your preferred messaging channel (Telegram or WhatsApp), and basic configuration. Have your Anthropic or OpenAI API key ready before starting.

Telegram Bot Setup

Telegram is the recommended channel for VPS deployments. It's more reliable than WhatsApp for server environments and doesn't require browser session management.

1. Open Telegram and message @BotFather
2. Send /newbot
3. Name your bot and create a username ending in bot
4. Copy the token BotFather gives you

During openclaw onboard, select Telegram and paste your bot token. Then restrict access to your Telegram user ID only:

channels:
  telegram:
    allowFrom:
      userIds:
        - YOUR_TELEGRAM_USER_ID  # Find this via @userinfobot

Don't leave it open. An unprotected bot on a public server is a liability.

Running as a System Service

This is what makes VPS deployment different from running it on your laptop. You want OpenClaw to start on boot and restart if it crashes.

Create a systemd service file:

sudo nano /etc/systemd/system/openclaw.service

Paste this, replacing openclaw with your username if different:

[Unit]
Description=OpenClaw AI Agent
After=network.target

[Service]
Type=simple
User=openclaw
WorkingDirectory=/home/openclaw
ExecStart=/usr/bin/openclaw
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal

[Install]
WantedBy=multi-user.target

Enable and start:

sudo systemctl daemon-reload
sudo systemctl enable openclaw
sudo systemctl start openclaw
sudo systemctl status openclaw  # Should show active (running)

Now your agent runs 24/7, restarts after crashes, and survives server reboots automatically.

Security Hardening

A VPS running an autonomous agent needs basic hardening. This isn't optional.

Firewall setup:

sudo ufw allow ssh
sudo ufw allow 443/tcp
sudo ufw enable
sudo ufw status

Don't open ports you don't need. OpenClaw communicates outbound to Telegram and your AI provider — it doesn't need inbound ports beyond SSH (and HTTPS if you're running webhooks).

Fail2ban to block brute force:

sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Disable root SSH login:

Edit /etc/ssh/sshd_config and set:

PermitRootLogin no
PasswordAuthentication no

Then restart SSH: sudo systemctl restart sshd

(Make sure your SSH key is working for your non-root user before doing this.)

Keep OpenClaw updated:

npm update -g openclaw
sudo systemctl restart openclaw

The 2026 security releases closed several vulnerabilities in URL fetching, webhook routing, and skills sandboxing. Running outdated versions creates real exposure.

Webhook Mode for Reliability

For VPS deployments, configure Telegram in webhook mode rather than polling. Webhooks are more reliable and use fewer resources:

channels:
  telegram:
    webhook:
      enabled: true
      url: "https://YOUR_DOMAIN_OR_IP/telegram/webhook"

You'll need HTTPS for webhooks. Use Certbot with Nginx if you have a domain:

sudo apt install nginx certbot python3-certbot-nginx -y
sudo certbot --nginx -d yourdomain.com

If you're using an IP address without a domain, stick with polling mode for now — it works fine for personal use.

Monitoring Your Agent

Check logs when something's off:

# Tail live logs
sudo journalctl -u openclaw -f

# Last 100 lines
sudo journalctl -u openclaw -n 100

# Errors only
sudo journalctl -u openclaw -p err

Check status:

openclaw status
openclaw channels status

Set up a simple disk space check in cron to catch runaway log growth:

crontab -e
# Add: 0 9 * * * df -h / | mail -s "Disk usage" you@example.com

Backup Strategy

Your OpenClaw data — memory, configuration, skills — lives in ~/.openclaw. Back it up:

# Manual backup
tar -czvf openclaw-backup-$(date +%Y%m%d).tar.gz ~/.openclaw

# Automated daily backup via cron
0 2 * * * tar -czvf ~/backups/openclaw-$(date +\%Y\%m\%d).tar.gz ~/.openclaw

If you're on Hostinger, their VPS snapshots handle this at the server level. Either way, don't skip backups — your agent's memory is the most valuable thing on the server.

What a Good Deployment Looks Like

A properly set up OpenClaw on Hostinger should:

• Start automatically on boot
• Restart within 10 seconds if it crashes
• Accept messages only from your Telegram user ID
• Log errors to journald for easy diagnosis
• Have firewall rules that block unnecessary inbound connections
• Run as a non-root user with minimal system permissions

If your deployment doesn't have all of these, it's not production-ready — it's a demo that happens to be on a VPS.

Don't want to do this yourself? Remote OpenClaw handles the entire deployment — server setup, OpenClaw installation, Telegram or WhatsApp connection, and hardening baseline — so you skip straight to using your agent. See the plans and book a call.