Using FastAPI Guard to secure OpenClaw instances against attacks

✍️ OpenClawRadar · 📅 Published: March 14, 2026 · 🔗 Source

OpenClaw security context

OpenClaw instances face significant security threats according to recent reports. A security audit found 512 vulnerabilities across the codebase, 8 of them critical, and over 40,000 exposed instances, 60% of which were immediately takeable. The ClawJacked vulnerability (CVE-2026-25253) allows website hijacking through WebSocket by exploiting localhost trust assumptions. Additionally, 820+ malicious skills exist on ClawHub.

Real-world monitoring shows that a typical OpenClaw instance receives thousands of attacks daily, including traffic from Chinese IPs, Baidu crawlers, DigitalOcean scanners, and bots attempting path traversal, .env file probing, and login brute forcing.

FastAPI Guard solution

FastAPI Guard is middleware that adds security layers before requests reach OpenClaw endpoints. Since OpenClaw runs on FastAPI (or can be fronted by a FastAPI-based API gateway), integration is straightforward:

from fastapi import FastAPI
from guard import SecurityMiddleware, SecurityConfig

app = FastAPI()

config = SecurityConfig(
    blocked_countries=["CN", "RU"],                              # geo-block whole countries
    blocked_user_agents=["Baiduspider", "SemrushBot", "AhrefsBot"],  # drop known crawlers
    block_cloud_providers={"AWS", "GCP", "Azure"},               # block scanner farms on cloud ranges
    rate_limit=100,                                              # requests allowed per window
    rate_limit_window=60,                                        # window length in seconds
    auto_ban_threshold=10,                                       # violations before an IP is banned
    auto_ban_duration=3600,                                      # ban length in seconds
    enable_penetration_detection=True,                           # catch .env, traversal and similar probes
    whitelist=["YOUR_IP_HERE"],                                  # always allow your own address
)

app.add_middleware(SecurityMiddleware, config=config)
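The auto_ban_threshold and enable_penetration_detection settings above work together: each probe counts as a violation against the client's IP, and the tenth one bans that IP for auto_ban_duration seconds. The following is an added, simplified model of that flow written for this article, not fastapi-guard's own code; the probe markers and the AutoBan class are assumptions chosen for illustration, and the clock is passed in explicitly so the behaviour can be checked.

```python
from collections import defaultdict
from urllib.parse import unquote

# Constructed marker list for illustration; the real detection engine uses its own rules.
SUSPICIOUS_PATHS = (".env", "/etc/passwd", "wp-login.php", "phpmyadmin")


def is_probe(path: str) -> bool:
    """True if a request path looks like a scanner probe.

    Percent-decode twice so encoded traversal (%2e%2e%2f, or double-encoded
    %252e%252e%252f) is normalised before the markers are matched.
    """
    decoded = unquote(unquote(path)).lower()
    if "../" in decoded or "..\\" in decoded:
        return True
    return any(marker in decoded for marker in SUSPICIOUS_PATHS)


class AutoBan:
    """Count probe violations per client IP; ban once `threshold` is reached."""

    def __init__(self, threshold: int = 10, duration: int = 3600):
        self.threshold, self.duration = threshold, duration
        self.violations = defaultdict(int)   # ip -> violations so far
        self.banned_until = {}               # ip -> unix time the ban expires

    def is_banned(self, ip: str, now: float) -> bool:
        until = self.banned_until.get(ip)
        if until is None:
            return False
        if now >= until:                     # ban expired: forget it, reset the counter
            del self.banned_until[ip]
            self.violations.pop(ip, None)
            return False
        return True

    def check(self, ip: str, path: str, now: float) -> str:
        """Return 'banned', 'violation' or 'allow' for one request."""
        if self.is_banned(ip, now):
            return "banned"
        if not is_probe(path):
            return "allow"
        self.violations[ip] += 1
        if self.violations[ip] >= self.threshold:
            self.banned_until[ip] = now + self.duration
            return "banned"
        return "violation"
```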


Key security features

  • blocked_countries: Geo-blocking that can eliminate thousands of attacks from specific countries
  • blocked_user_agents: Blocks known crawlers and bots before they reach application code
  • block_cloud_providers: Automatically fetches and caches cloud IP ranges to block scanner farms
  • auto_ban_threshold: Bans IPs after 10 violations
  • penetration detection: Catches path traversal probes for .env, /etc/passwd, and similar attacks without additional configuration
  • emergency mode: emergency_mode=True, emergency_whitelist=["YOUR_IP", "YOUR_TEAM_IP"] blocks everything except explicitly allowed IPs
  • trusted_proxies: Configuration for reverse proxy setups to extract real client IPs correctly
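trusted_proxies matters because behind a reverse proxy the socket peer is the proxy itself, and the client address arrives in X-Forwarded-For, a header any client can also send. Below is an added illustration written for this article (not fastapi-guard's code) of the rule such a setting enforces, with a naive version beside it for contrast; the TRUSTED_PROXIES ranges and the sample addresses are constructed.

```python
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed example ranges: the reverse proxies we operate. Only their hops are believed.
TRUSTED_PROXIES = [ip_network("10.0.0.0/8"), ip_network("192.0.2.10/32")]


def _trusted(ip: str) -> bool:
    addr = ip_address(ip)
    return any(addr in net for net in TRUSTED_PROXIES)


def naive_client_ip(peer_ip: str, x_forwarded_for: Optional[str]) -> str:
    """The weak version: believe the left-most X-Forwarded-For entry from anyone.

    A client connecting directly can put a whitelisted address there, and any
    whitelist or ban keyed on this value no longer applies to it.
    """
    if x_forwarded_for:
        return x_forwarded_for.split(",")[0].strip()
    return peer_ip


def real_client_ip(peer_ip: str, x_forwarded_for: Optional[str]) -> str:
    """The trusted-proxies version: the address that security rules should key on.

    If the socket peer is not a trusted proxy the header is ignored entirely.
    Otherwise walk X-Forwarded-For from the right (the hop nearest to us) and
    stop at the first address that is not one of our proxies.
    """
    if not _trusted(peer_ip) or not x_forwarded_for:
        return peer_ip
    client = peer_ip
    for hop in reversed([h.strip() for h in x_forwarded_for.split(",") if h.strip()]):
        try:
            ip_address(hop)
        except ValueError:
            return client      # malformed entry: keep the last valid address
        if not _trusted(hop):
            return hop
        client = hop
    return client
```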

Per-route security with decorators

The decorator system allows different security configurations on specific routes:

from guard.decorators import SecurityDecorator

# `app` and `config` are the FastAPI application and SecurityConfig from the middleware setup above
guard_decorator = SecurityDecorator(config)

@app.get("/api/admin")
@guard_decorator.require_ip(whitelist=["10.0.0.0/8"])   # only the internal range may reach this route
@guard_decorator.block_countries(["CN", "RU", "KP"])     # stricter geo-blocking than the global config
async def admin():
    return {"status": "ok"}

This enables monitoring usage patterns, blocking specific countries on sensitive endpoints, and requiring authentication on admin paths—capabilities static firewall rules cannot provide.

Additional capabilities

  • Redis support: Built-in for multi-instance deployments with automatic synchronization of rate limits, IP bans, and cloud IP ranges
  • Flask support: flaskapi-guard provides the same detection engine for Flask-based agent infrastructure
  • Use cases: Beyond OpenClaw, the tool is used by startups needing public APIs for remote teams while blocking all other access, gaming platforms enforcing win conditions, and honeypot traps that log and ban malicious bots

📖 Read the full source: r/openclaw
