Hostinger OpenClaw: How to Deploy OpenClaw on Hostinger VPS
Step-by-step guide to running OpenClaw on a Hostinger VPS — Node.js setup, systemd service, nginx reverse proxy, Cloudflare SSL, and monitoring.
Hostinger is one of the most popular VPS providers for people setting up OpenClaw for the first time. The pricing is competitive, the control panel (hPanel) is beginner-friendly, and their KVM VPS plans have enough resources for a solid single-agent setup.
This is the full deployment guide — from provisioning your Hostinger VPS to having OpenClaw running with nginx, SSL, and automatic restarts.
What You Need Before Starting
- A Hostinger account with a VPS plan (KVM 1 or higher)
- A domain name (can be registered at Hostinger or elsewhere)
- Basic comfort with SSH and the Linux terminal
- Your OpenClaw API key and any channel tokens (Telegram bot token, etc.)
Choosing the Right Hostinger VPS Plan
Hostinger offers several KVM VPS tiers. For OpenClaw:
KVM 1 (~$4–6/month)
- 1 vCPU, 4GB RAM, 50GB NVMe
- Fine for a single agent with light automation
KVM 2 (~$8–10/month)
- 2 vCPU, 8GB RAM, 100GB NVMe
- Comfortable for multiple agents or heavier workloads
KVM 4 (~$14–16/month)
- 4 vCPU, 16GB RAM, 200GB NVMe
- If you're spawning sub-agents frequently
For most OpenClaw setups, KVM 1 is sufficient to start. You can upgrade later without data loss.
Step 1: Provision Your VPS
In hPanel, go to VPS → Create new VPS.
Settings to use:
- OS: Ubuntu 22.04 LTS (or 24.04)
- Data center: Pick the one closest to your users
- Hostname: something like
openclaw-prod - Root password: Set a strong one, or use SSH keys (recommended)
Wait 2–3 minutes for provisioning. You'll get an IP address once it's ready.
Step 2: Initial Server Setup
SSH into your new server:
ssh root@YOUR_VPS_IP
Update and secure the basics:
# Update system packages
apt update && apt upgrade -y
# Install essential tools
apt install -y curl wget git ufw fail2ban
# Configure firewall
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow 80
ufw allow 443
ufw enable
# Verify firewall status
ufw status
Create a dedicated user for running OpenClaw (don't run as root):
adduser openclaw
usermod -aG sudo openclaw
# Switch to the new user for the rest of setup
su - openclaw
Step 3: Install Node.js
OpenClaw requires Node.js 18 or higher. Use the NodeSource setup script for a clean install:
# Install Node.js 20 LTS
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs
# Verify versions
node --version # should show v20.x.x
npm --version # should show 10.x.x
Step 4: Install OpenClaw
# Install globally
sudo npm install -g openclaw
# Verify install
openclaw --version
# Initialize OpenClaw (creates ~/.openclaw/ config structure)
openclaw init
The init command walks you through basic setup — your LLM API key, default model, and any channel integrations you want to configure.
If you already have a backup from another install, restore it:
# Extract your backup to home directory
tar -xzf openclaw-backup.tar.gz -C ~/
Step 5: Configure the Gateway
Edit your OpenClaw config to set the gateway's public URL:
nano ~/.openclaw/config.json
Add or update the gateway section:
{
"gateway": {
"port": 3000,
"bind": "127.0.0.1",
"publicUrl": "https://yourdomain.com"
}
}
Use bind: "127.0.0.1" so the gateway only listens locally — nginx will handle the public-facing side.
For a full explanation of gateway options, see OpenClaw Gateway: What It Does and How to Configure It.
Step 6: Set Up systemd Service
A systemd service keeps OpenClaw running and restarts it automatically if it crashes:
sudo nano /etc/systemd/system/openclaw.service
[Unit]
Description=OpenClaw AI Agent
After=network.target
Wants=network-online.target
[Service]
Type=simple
User=openclaw
Group=openclaw
WorkingDirectory=/home/openclaw/.openclaw/workspace
ExecStart=/usr/bin/openclaw start
Restart=always
RestartSec=5
StandardOutput=journal
StandardError=journal
SyslogIdentifier=openclaw
# Environment
Environment=NODE_ENV=production
Environment=HOME=/home/openclaw
[Install]
WantedBy=multi-user.target
Enable and start the service:
sudo systemctl daemon-reload
sudo systemctl enable openclaw
sudo systemctl start openclaw
# Check it's running
sudo systemctl status openclaw
You should see Active: active (running). If it shows failed, check the logs:
sudo journalctl -u openclaw -n 50
Step 7: Install and Configure nginx
nginx handles HTTPS termination and proxies requests to the OpenClaw gateway:
sudo apt install -y nginx
# Create site config
sudo nano /etc/nginx/sites-available/openclaw
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
# Let's Encrypt challenge
location /.well-known/acme-challenge/ {
root /var/www/html;
}
# Redirect HTTP to HTTPS
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
server_name yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.com/chain.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
# Proxy to OpenClaw gateway
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 60s;
proxy_cache_bypass $http_upgrade;
}
}
Enable the site:
sudo ln -s /etc/nginx/sites-available/openclaw /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/default # remove default site
sudo nginx -t # test config
sudo systemctl reload nginx
Step 8: Cloudflare DNS and SSL
Point Your Domain at Hostinger
In your domain's DNS panel (Hostinger DNS or wherever your domain is registered):
Type: A
Name: @ (or your subdomain)
Value: YOUR_VPS_IP
TTL: Auto
If using Cloudflare for DNS (recommended):
- Add the A record in Cloudflare
- Set proxy status to DNS only (grey cloud) initially — this lets certbot verify the domain directly
Get an SSL Certificate
sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com \
--non-interactive --agree-tos --email your@email.com
Certbot will modify your nginx config to add the SSL cert paths and set up auto-renewal.
Verify auto-renewal works:
sudo certbot renew --dry-run
Enable Cloudflare Proxy (Optional)
Once SSL is working, you can enable the Cloudflare proxy (orange cloud) for the A record. This adds CDN, DDoS protection, and hides your server IP.
If using Cloudflare proxy, set SSL mode to Full (strict) in Cloudflare's SSL/TLS settings.
Step 9: Verify Everything Works
Run through this checklist:
# 1. OpenClaw process running?
sudo systemctl status openclaw
# 2. Gateway responding locally?
curl http://localhost:3000/health
# 3. nginx responding?
curl http://yourdomain.com
# Should redirect to HTTPS
# 4. HTTPS working?
curl https://yourdomain.com/health
# Should return 200
# 5. Check for SSL errors
curl -I https://yourdomain.com
Send a test message via Telegram or whichever channel you've configured. The agent should respond within a few seconds.
Step 10: Monitoring
Basic Uptime Monitoring
Sign up for UptimeRobot (free) and add an HTTP monitor pointing to https://yourdomain.com/health. You'll get an email if it goes down.
Watch Your Logs
# OpenClaw logs
sudo journalctl -u openclaw -f
# nginx access logs
sudo tail -f /var/log/nginx/access.log
# nginx error logs
sudo tail -f /var/log/nginx/error.log
Check Resource Usage
# Memory and CPU
htop
# Disk usage
df -h
# OpenClaw process specifically
ps aux | grep openclaw
The Hostinger hPanel also shows server-level CPU and RAM graphs. Check this weekly to make sure you're not hitting resource limits.
Common Hostinger-Specific Issues
Can't SSH after setup — Check Hostinger's firewall in hPanel. Some plans have a separate firewall in the control panel that can block SSH. Make sure port 22 is allowed there too.
Port 80/443 blocked — Same issue. Verify in hPanel's firewall settings as well as UFW.
nginx fails to start — Something else is using port 80. lsof -i :80 shows what. Often Apache is installed by default on some images. systemctl stop apache2 && systemctl disable apache2 fixes it.
certbot fails DNS verification — Make sure DNS propagation is complete. dig yourdomain.com +short should return your VPS IP before running certbot.
OpenClaw crashes on startup — Check journalctl -u openclaw -n 50. Usually it's a missing API key or config error. Run openclaw start manually as the openclaw user to see the error directly.
For the full picture on hosting options including other providers and managed hosting, see OpenClaw Hosting: Running Your Agent 24/7.
Running OpenClaw on Hostinger is a solid setup. If you want the shortest path to a stable deployment, focus on process management, SSL, backups, and monitoring first.