Back to Features

Secure Remote Agent Access: Zero-Config Stealth Mode

Secure Remote Agent Access: Zero-Config Stealth Mode

Building a dashboard to control your AI agent from your phone is incredible—until you consider the security implications. Opening a local server port to the public internet so you can access it on your phone is a massive security vulnerability. Botnets and scanners are constantly looking for exposed dashboards to exploit.

ClawBridge tackles this with Stealth Mode, an architecture designed from the ground up for absolute security without the hassle of complex VPN setups.

No Port Forwarding. No Open Ports.

Traditional remote access requires diving into your router's settings, setting up port forwarding for port 3000 (or similar), and exposing your Home IP address to the web.

This is incredibly dangerous. If a vulnerability is found in the dashboard, an attacker has direct access to your local network and potentially full control over the AI agent running on your server.

ClawBridge Stealth Mode eliminates this entirely. Instead of opening your firewall to accept incoming connections, ClawBridge creates an encrypted, outbound-only tunnel using Cloudflare's infrastructure (Quick Tunnels by default).

How Stealth Mode Works

  1. Outbound Connection Only: When ClawBridge starts, it securely connects out to a Cloudflare edge server. Your firewall blocks incoming requests by default, but allows this safe outbound traffic.
  2. Obfuscated Endpoint: Cloudflare assigns a randomized, temporary .trycloudflare.com URL (e.g., https://warm-breeze-123.trycloudflare.com) tied directly to your dashboard.
  3. No Home IP Exposure: Anyone hitting that URL interacts with Cloudflare's proxies. Your actual home IP address or server IP remains completely hidden from the internet.
  4. Zero-Config Installation: The ClawBridge setup script handles the tunnel creation automatically. You don't need to register for accounts or configure DNS records—it just works out of the box.

Uncompromising Security by Architecture

Beyond the tunnel, ClawBridge is fundamentally secure by design:

  • No Secrets Stored in UI: Unlike many self-hosted web apps, you never enter your OpenAI, Anthropic, or database credentials into the ClawBridge web interface. The dashboard only reads local configurations and logs. Even if someone gained access, they cannot steal your API keys.
  • Randomized Access Keys: Upon installation, a strong, random Access Token is generated locally. You must possess this token to even load the dashboard interface.
  • No Third-Party Cloud Logging: All your data—logs, memory, and tokens—stays on your physical machine. We don't pipe your private agent thoughts through central servers.

Use Cases

1. Safe Access on Public Wi-Fi

You're at a café or airport using an untrusted public Wi-Fi network. Because ClawBridge traffic flows through a secure HTTPS tunnel, you can confidently check your Mission Control without fear of local packet sniffing exposing your agent.

2. Multi-Node Management Across Networks

You have an OpenClaw agent on a home Raspberry Pi, another on an AWS EC2 instance, and a third on a different office network. Creating complex VPN topologies (like Tailscale) across all three can be tedious. Stealth Mode gives you three secure, independent URLs you can bookmark on your phone, requiring zero network peering.

Frequently Asked Questions

QCan I use my own domain instead of a random Cloudflare URL?

Absolutely. While the Quick Tunnel is great for immediate, temporary access and testing, you can explicitly configure ClawBridge to run via your own managed `cloudflared` token, allowing you to route it permanently via `agent.yourdomain.com` behind a Cloudflare Access (Zero Trust) login screen.

QIs it really zero configuration?

Yes. For the default Quick Tunnel mode, our setup script automatically downloads the `cloudflared` binary for your OS and initializes the secure connection on startup. No account creation required.

QDoes this add latency to my Live Thoughts feed?

The latency added by routing through Cloudflare's global edge network is negligible (typically <50ms) and entirely unnoticeable when streaming text logs or managing your dashboard.

Share this:

Experience it yourself

Install ClawBridge in 30 seconds and gain total visibility over your OpenClaw agents from your phone.