Ampere
Ampere.sh

How to Change OpenClaw Default Port

The OpenClaw gateway defaults to port 18789. Here's how to change it, fix port conflicts, set up reverse proxies, and run multiple instances.

Skip Port Config - Try Managed Hosting

OpenClaw Default Port

OpenClaw runs on port 18789 by default. This port serves:

  • Control UI - the browser dashboard at http://127.0.0.1:18789
  • API - the gateway REST and WebSocket endpoints
  • Channel ingress - webhooks from Telegram, Discord, Slack, etc.

Why Change the Port?

Common Reasons
  • Port 18789 is already used by another service
  • Running multiple OpenClaw instances
  • Hosting provider blocks the default port
  • Using a reverse proxy (Nginx, Caddy) on a VPS
You Do NOT Need to Change If
  • Running a single instance locally
  • No other services use port 18789
  • Using managed hosting (handled for you)

Three Ways to Change the Port

Method 1: CLI Flag
Quick, temporary
Fastest
openclaw gateway --port 9000

Overrides the port for this session only. Does not change the config file.

Method 2: Config File
Permanent, recommended

Edit ~/.openclaw/openclaw.json and add the port setting:

{ "gateway": { "port": 9000 } }

Then restart the gateway:

openclaw gateway restart
Method 3: CLI Config Command
One-liner, permanent
openclaw config set gateway.port 9000 openclaw gateway restart

Updates the config file and restarts in two commands.

Fix "Port Already in Use" Error

If the gateway will not start because port 18789 is taken, find what is using it:

# Linux / macOS lsof -i :18789 # Windows netstat -ano | findstr 18789

Then either:

  • Kill the conflicting process - kill <PID>
  • Change OpenClaw's port - use one of the three methods above
  • Check for zombie gateway processes - pkill -f "openclaw gateway" then restart

For more gateway troubleshooting, see OpenClaw Gateway Won't Start.

Setting Up a Reverse Proxy

For production, put Nginx or Caddy in front of OpenClaw. The gateway listens on localhost and the proxy handles SSL and external traffic.

# Nginx reverse proxy config server { listen 443 ssl; server_name openclaw.yourdomain.com; ssl_certificate /etc/letsencrypt/live/openclaw.yourdomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/openclaw.yourdomain.com/privkey.pem; location / { proxy_pass http://127.0.0.1:18789; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }

Important: The Upgrade and Connection headers are required for WebSocket support. Without them, real-time features and channel connections will break.

Skip Proxy Setup - Try Managed Hosting

Network Binding Options

Bind ModeListens OnUse Case
loopback (safest)127.0.0.1 onlyLocal use, behind reverse proxy
auto (default)Auto-detected interfaceMost deployments
lanLAN interfaceAccess from other devices on network
customSpecific IP you chooseMulti-NIC servers
tailnetTailscale interfaceSecure remote access via Tailscale

Set bind mode in your config:

{ "gateway": { "port": 9000, "bind": "loopback" } }

Running Multiple Instances

Run two OpenClaw instances on the same server with different ports:

# Instance 1 (default) openclaw gateway --port 18789 # Instance 2 (different config) OPENCLAW_CONFIG_PATH=~/.openclaw/openclaw-2.json openclaw gateway --port 18790

Each instance needs its own config file and workspace directory to avoid conflicts. For cost optimization with multiple instances, see how to reduce API costs.

Firewall Rules

Only open the port if external access is needed:

# UFW (Ubuntu/Debian) sudo ufw allow 18789/tcp # firewalld (CentOS/RHEL) sudo firewall-cmd --permanent --add-port=18789/tcp sudo firewall-cmd --reload # iptables sudo iptables -A INPUT -p tcp --dport 18789 -j ACCEPT

Best practice: Keep OpenClaw on loopback (127.0.0.1) and use a reverse proxy for external access. Do not expose the gateway port directly to the internet. See the uptime guide for production hardening.

Skip Port Configuration

On Ampere.sh managed hosting, ports, SSL, reverse proxy, and firewall are all handled for you. No terminal, no config files, no networking headaches. See managed vs self-hosted for the full comparison.

Skip Port Config - 7-Day Free Trial

Quick Reference

ActionCommand
Check current portopenclaw gateway status
Change port (temp)openclaw gateway --port 9000
Change port (permanent)openclaw config set gateway.port 9000
Restart gatewayopenclaw gateway restart
Check what uses a portlsof -i :18789
Kill gateway processespkill -f "openclaw gateway"

For the full setup, see the beginner guide. For Docker deployments, see OpenClaw on Docker. If your gateway will not start at all, see the gateway troubleshooting guide.

Frequently Asked Questions

What is the default OpenClaw port?
The default OpenClaw gateway port is 18789. The Control UI, API, and channel ingress all use this port.
How do I change the OpenClaw port?
Three ways: CLI flag (openclaw gateway --port 9000), config file (set gateway.port in openclaw.json), or CLI command (openclaw config set gateway.port 9000). Restart the gateway after changing.
Why would I change the OpenClaw port?
Common reasons: port 18789 is already in use by another service, you want to run multiple OpenClaw instances, you are behind a reverse proxy, or your hosting provider blocks certain ports.
How do I fix 'port already in use' errors?
Find what is using the port with lsof -i :18789 (Linux/Mac) or netstat -ano | findstr 18789 (Windows). Kill the process or change OpenClaw to a different port.
Do I need to open the port in my firewall?
Only if you access OpenClaw from another device or the internet. For local-only use, the default loopback binding means no firewall changes needed.
Can I run multiple OpenClaw instances on one server?
Yes. Give each instance a different port: one on 18789, another on 18790, etc. Each needs its own config directory and workspace.
Should I use a reverse proxy with OpenClaw?
Yes, for production. Nginx or Caddy in front of OpenClaw adds SSL, domain routing, and security. OpenClaw listens on localhost and the proxy handles external traffic.

Also Read

OpenClaw Gateway Won't Start: Every Fix
Guide

OpenClaw Gateway Won't Start: Every Fix

OpenClaw Configuration Guide for Beginners
Guide

OpenClaw Configuration Guide for Beginners

10 minMay 23, 2026
Openclaw On Docker
Integration

Openclaw On Docker

Michael Park

Written by

Michael Park

Senior Technical Writer & DevRel

Michael creates comprehensive installation and setup guides for developers and system administrators. With experience across Linux, macOS, Windows, and embedded systems, he has written over 200 technical tutorials used by millions of developers. He focuses on clear, step-by-step instructions that work the first time, covering everything from Raspberry Pi to enterprise servers.

Skip the server config

Managed hosting handles ports, SSL, firewalls, and reverse proxies. No terminal needed. 7-day free trial.

Start Free Trial