Security
Built with security first
FireClaw takes security seriously at every layer — from authentication to infrastructure isolation. Here's how we protect your data and agents.
Encryption Everywhere
All data in transit is encrypted with TLS 1.3. Passwords are hashed with bcrypt (12 rounds). API keys and secrets are stored encrypted at rest.
Isolated Infrastructure
Each deployed agent runs on its own dedicated VPS with isolated networking. No shared containers or multi-tenant runtimes.
Firewall by Default
Every provisioned server has a Hetzner Cloud Firewall allowing only SSH (22), HTTP (80), and HTTPS (443). All other ports are blocked.
Automated HTTPS
All agent domains get automatic Let's Encrypt TLS certificates via Caddy reverse proxy. No manual certificate management required.
Rate Limiting
All API endpoints are rate-limited to prevent brute-force attacks. Authentication endpoints have strict per-IP limits.
Secure Authentication
Email verification with OTP, password reset via email, bcrypt hashing, JWT sessions, and OAuth 2.0 via Google.
Report a Vulnerability
Found a security issue? We appreciate responsible disclosure.
security@fireclaw.ai