The OpenClaw FAQ provides solutions to common issues. - Simple Application Server

Image update and reset

Deploy OpenClaw on an existing server

Log in to the Simple Application Server console, select your instance, and click Reset System.
Select Reset to Other Image and choose the Openclaw 2026.3.13 version.
Reconfigure OpenClaw. Resetting the system invalidates the previous API key and token. Go to Application Details to reconfigure the API key.

Warning

Resetting the system is equivalent to reinstalling it. This action deletes all data from the system disk, including saved configurations, logs, and databases, and stops all running applications on the Simple Application Server. Before proceeding, you must back up your important data by creating a snapshot or exporting it to a local device.

Reset the image to the latest version

Important

The Reset System operation reinstalls the system. This action deletes all data on the system disk, including configurations, logs, and databases. Before you proceed, you must back up important data. We recommend creating a snapshot or exporting data to a local device.

If your current image is not version Openclaw 2026.3.13, reset the system to update the image and experience the latest OpenClaw features.

Log in to the Simple Application Server console. Select your instance and click Reset System.
Select Reset Operating System.
Reconfigure OpenClaw. The reset invalidates your previous API key and token. Go to Application Details to reconfigure the API key.

Troubleshooting OpenClaw configuration

OpenClaw port number

To prevent malicious scans and targeted attacks, OpenClaw automatically generates a random port on initialization. To see the port number, go to Application Details > Basic Configurations > View Port and click View.

Can OpenClaw control local applications?

Not supported. Because a Simple Application Server runs in a cloud environment isolated from your local network, OpenClaw cannot directly control applications on your local computer.

Web search unavailable after OpenClaw update

Go to the Simple Application Server console. In the Image Information section, ensure your application image is updated to OpenClaw 2026.2.3 or later. If not, see How do I reset my current application image to the latest version?. This application image version provides default web search in all regions through the built-in SearXNG Skill. No additional configuration or fees are required. You can directly instruct OpenClaw to use the SearXNG Skill for web search. If your server is deployed in the China (Hong Kong) region or a region outside China, see How do I configure Brave Search for web search in OpenClaw?.

Configure third-party model providers

The OpenClaw image is pre-configured with the Model Studio provider. You can change the model in the settings. To connect to services from other providers, such as OpenAI, Anthropic, or Google Gemini, follow these steps.

Log in to the Simple Application Server as the admin user.
Change the model provider. This example uses OpenRouter.
```
openclaw onboard
```
Log in to the web console and chat with Agents to verify the changes.

How to change the OpenClaw model?

OpenClaw is integrated with Alibaba Cloud Model Studio, allowing you to switch between different models on the page. In Application Details > Model Configuration > Model Configuration, delete the default model, and then select a different Model Studio model from the dropdown list.

You can also manually enter a model name. Model codes can be found on the Model Studio Marketplace page.

Add skills to OpenClaw

OpenClaw supports adding a skill in three ways: conversational interaction, link-based installation, and installation from a transit source.

Conversational interaction (for new skills)
OpenClaw has a built-in Skill Creator component. You can chat directly with the Skill Creator, describe your requirements, and it automatically creates a new skill for you.
Link-based installation (for reusing existing skills)
To install an existing skill, send its URL to OpenClaw, and OpenClaw installs it automatically. For example, to install the Web Artifacts Builder from Anthropic, send its URL to the agent.
Installation from a transit source (for network-restricted environments)
If your server cannot access external code repositories such as GitHub, use mirroring:
1. Download the files to your local machine.
2. Upload the code to an accessible storage space, such as OSS.
3. Obtain the new download link and send it to OpenClaw to install the skill, following the steps in Link-based installation.

Custom skill loading and priority

Yes. You can add extra directories (lowest priority) in ~/.openclaw/openclaw.json by setting skills.load.extraDirs.

The default Skill loading priority is: <workspace>/skills > ~/.openclaw/skills > built-in > skills.load.extraDirs.

The clawhub tool installs to ./skills by default, and OpenClaw treats this path as <workspace>/skills.

Restart OpenClaw Gateway

OpenClaw 2026.2.9 and later

You can restart the service from the console. In Application Details > Basic Configuration > Restart OpenClaw Gateway, click Restart.

Before OpenClaw 2026.2.9

You must restart the service manually in the command-line terminal. Connect to the Simple Application Server and run the following gateway helper command:

openclaw gateway restart

OpenClaw configuration files

Configuration file directory: /root/.openclaw/
Main configuration file: /root/.openclaw/openclaw.json (specifies which models are in use)
Model API key configuration file: /root/.openclaw/agents/main/agent/auth-profiles.json

Edit these files to add models or configure API keys.

Manually configure a Coding Plan in OpenClaw

Copy and save the plan-specific API key for your Coding Plan.

In the following code block, replace YOUR_API_KEY in "apiKey": "YOUR_API_KEY" with your plan-specific API key.

 "models": {
    "mode": "merge",
    "providers": {
      "bailian": {
        "baseUrl": "https://coding-intl.dashscope.aliyuncs.com/v1",
        "apiKey": "YOUR_API_KEY",
        "api": "openai-completions",
        "models": [
          {
            "id": "qwen3-max-2026-01-23",
            "name": "qwen3-max-thinking",
            "reasoning": false,
            "input": [
              "text"
            ],
            "cost": {
              "input": 0,
              "output": 0,
              "cacheRead": 0,
              "cacheWrite": 0
            },
            "contextWindow": 262144,
            "maxTokens": 65536
          }
        ]
      }
    }
  },
  "agents": {
    "defaults": {
      "model": {
        "primary": "bailian/qwen3-max-2026-01-23"
      },
      "models": {
        "bailian/qwen3-max-2026-01-23": {
          "alias": "qwen3-max-thinking"
        }
      },
      "maxConcurrent": 4,
      "subagents": {
        "maxConcurrent": 8
      }
    }
  },

On the Simple Application Server console - Servers page, click the instance ID on the card for your OpenClaw server to open the Server Overview page.
Click the Application Details tab. On the Access Control page, click Execute Command. Then, click the URL in the pop-up window to open the OpenClaw conversation page.
Click Config > All Settings > Raw to open the configuration file. Copy the code block with the modified "apiKey" parameter. As shown in the image below, replace the original "agents"{...} content in your configuration code with the copied block and save the changes.

Configure Brave Search for web search

You can configure Brave Search only on Simple Application Server instances in China (Hong Kong) or regions outside China.

OpenClaw application images version 2026.2.3 and later include the SearXNG-based web search Skill by default.

Create a Brave Search API account and generate an API key on the Brave Search official website.
To configure the image, go to the OpenClaw page and click Config > All Settings > Raw in the navigation pane to open the configuration file. Change BRAVE_API_KEY to your Brave Search API key, copy the code block below, and paste it into the configuration file at the location shown in the figure.
```
  "tools": {
    "web": {
      "search": {
        "provider": "brave",
        "apiKey": "BRAVE_API_KEY",
        "maxResults": 5,
        "timeoutSeconds": 30
      }
    }
  },
```

Running tools in Docker containers

OpenClaw can run tools in Docker containers, isolating them in a sandbox environment to mitigate risks. This feature is optional. For configuration steps, see the OpenClaw sandboxing feature guide.

Common OpenClaw CLI tools

Important

If your instance was created before January 30, 2026, these commands may not work due to an outdated image. Please upgrade the image by following the instructions in How do I reset my current application image to the latest version? The new application image includes all necessary CLI tools.

Core management tool: OpenClaw
OpenClaw is the built-in core CLI. View installed skills:
```
openclaw skills list
```
Skill marketplace tool: ClawdHub
ClawdHub is the dedicated tool to search, install, and manage third-party skills from the skill marketplace. The current image includes over 50 common skills.
- Search for a skill (for example, weather):
```
clawdhub search weather
```
- Install a skill:
```
clawdhub install weather
```
- For other commands, see:
```
clawdhub --help
```
Plugin management
Use the openclaw plugins command to manage plugins.
View help for plugin commands: Displays a complete list of commands for installing and configuring plugins.
```
openclaw plugins -h
```

Purchase and cost

Use only the free quota to avoid charges

By default, Model Studio large language models in Singapore incur charges after the free quota is exhausted. To avoid additional model invocation charges, enable Stop when free quota is exhausted in the Model Studio console. After you enable this setting, the model becomes unavailable once its free quota is exhausted. You can then switch to another model with an available free quota.

Instance configuration requirements

Select a configuration with at least 2 vCPUs and 2 GB of memory to ensure service performance.

Additional charges for OpenClaw

If you use an API key from Model Studio to invoke models in OpenClaw, you will be charged based on token usage. For billing details, refer to the Model Invocation Billing documentation.

Checking the free quota in the Singapore region

Log on to the Model Studio console. In the Free Quota area, you can view the remaining free quota for your model.

View model invocation records

One hour after you call a model, go to the Monitoring (Singapore or Beijing) page. Set the query conditions, such as the time range and workspace. Then, in the Models area, find the target model and click Monitor in the Actions column to view the model's call statistics. For more information, see the Monitoring document.

Data is updated hourly. During peak periods, there may be an hour-level latency.

Regional differences: Singapore, US (Virginia), and China (Beijing)

Alibaba Cloud Model Studio provides model services in the Singapore, US (Virginia), and China (Beijing) regions. Select a nearby region to reduce network latency. Service endpoints (Endpoint/Base URL) vary by region, and API keys are not interchangeable. Supported models, platform features, and pricing also vary by region. See Model List for details.

Troubleshooting

Unresponsive OpenClaw Chat page

Verify your API key configuration. Remotely connect to your Simple Application Server. In the following code, replace the API key and base URL for your region. Copy and paste the updated code into the terminal to test the API call. If an error occurs, look up the error message in the Error messages documentation for a solution. Base URLs are not interchangeable across regions:
- China (Beijing): https://dashscope.aliyuncs.com/compatible-mode/v1/chat/completions
- US (Virginia): https://dashscope-us.aliyuncs.com/compatible-mode/v1/chat/completions
- Singapore: https://dashscope-intl.aliyuncs.com/compatible-mode/v1/chat/completions
- Coding Plan: https://coding-intl.dashscope.aliyuncs.com/v1/chat/completions
```
curl -X POST YOUR_API_KEY_BASE_URL \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
    "model": "qwen3-max-2026-01-23",
    "messages": [
        {
            "role": "user",
            "content": "Who are you?"
        }
    ]
}'
```
Check for overdue payments or rate limiting.
1. Coding Plan: The plan has hourly, weekly, and monthly request limits. You can check your quota usage in the Coding Plan console. When the limit is exceeded, an error is returned: hour/week/month allocated quota exceeded.
  Solution: Wait for the quota to reset automatically or upgrade to the Pro plan.
2. Pay-as-you-go Model Studio API key:
  1. Check your free quota. Log on to the Model Studio console. In the Free Quota area, view the remaining free quota for your account.
  2. Check for overdue payments. Go to the Expenses and Costs center to check for overdue payments.
Troubleshoot error logs: Go to the OpenClaw Chat page, click Logs in the navigation pane, select WARN and ERROR to view the error logs, and search the OpenClaw FAQ document for a solution to the error.
If no errors are displayed in the Logs, restart the gateway in the console.
Reset the image
If your server contains no important data, reset the Simple Application Server image to the latest OpenClaw application image and reconfigure it.
Important
Resetting the operating system is equivalent to reinstalling it. This action erases all data on the system disk, including saved configurations, logs, and databases. Before you proceed, you must back up important data by creating a snapshot or exporting it to a local device.

HTTP 401 error on OpenClaw page

This error means your token has expired. To resolve it, go to the application details page in the Simple Application Server console, regenerate the OpenClaw logon URL, and try again.

Skill installation blocked

The OpenClaw management interface supports one-click installation for some Skills components. However, this method is not available for components that depend on Homebrew. To use these Skills, you must first install Homebrew on your server and then complete the installation.

"Disconnected (1008): unauthorized" error

This error indicates that your access link is missing an authentication token. The OpenClaw web console requires a token for access and does not permit direct access by IP address. In the server console, click the instance ID on the server card to open the server overview page. Click the Application Details tab. On the Access Control page, click Execute Command to get the correct access URL with the required token.

"Disconnected (1008)" error

This error indicates that the token was not initialized. To resolve this, go to the application details page in the Simple Application Server console, set the API key, and then get a new access link.

Resolve the "disconnected (1006): no reason" error

Follow these steps to troubleshoot:

From the Alibaba Cloud Simple Application Server console, navigate to the application details page for your instance and regenerate the token.
Append the new token to the URL in the format http://XXX:18789/?token=new_token and test the new URL in an incognito window.
Log on to the server via SSH and verify that the OpenClaw service is running.
Ensure the security group for your Simple Application Server allows inbound TCP traffic on the listening port.
If the service is not correctly bound to a public IP address or if the reverse proxy is misconfigured, the WebSocket connection might fail. To begin troubleshooting, test connectivity from your local machine with curl or telnet.

Resolve "401 Unauthorized" error

When you use Alibaba Cloud Model Studio models, the system returns the error Failed to discover Alibaba Cloud models: 401 Unauthorized.

Possible causes: A 401 error is typically caused by an incorrect API key, a region mismatch between the API key and the base URL, or insufficient permissions for the associated workspace or account.

Troubleshooting and resolution:

Step 1: Verify API key and region

API keys for accounts in the Chinese mainland must be associated with the China (Beijing) region and its corresponding base URL. A region mismatch causes a 401 error.

Console check: When you configure the API key on the Simple Application Server console, ensure you select the correct Model Studio region. An API key is only valid in the region for which it was created. For example, do not select "Singapore" or "US (Virginia)" if your key is for the China (Beijing) region.
Configuration file check: Log on to the server and inspect the configuration file to verify the region assigned to your API key.
Run the following command to view the configuration:
```
cat /home/admin/.openclaw/agents/main/agent/auth-profiles.json
```
Configuration field descriptions:
- alibaba-cloud: The default configuration for the China (Beijing) region. API keys for the China (Beijing) region must be configured under this node.
- alibaba-cloud-international: The configuration for the Singapore region.
- alibaba-cloud-us: The configuration for the US (Virginia) region.

Step 2: Check workspace model permissions

If your API key does not belong to the "default workspace", verify that its associated workspace has permission to invoke the target model.

Log on to the Model Studio console and identify the workspace associated with your API key.
Non-default workspaces do not have model invocation permissions by default. You must go to the workspace settings and manually grant invocation permissions for the specific model, such as qwen3-max-2026-01-23.

Step 3: Verify API key status

If your configuration is correct, verify that the API key is entered correctly, has not expired, and is associated with an account that has no overdue payments. curl

Run the following curl command in your local terminal to test connectivity. Replace DASHSCOPE_API_KEY with your actual API key.

To get an API key, see Get API Key. The following command uses the URL for the China (Beijing) region. If you are using a model in the Singapore region, replace the request URL with: https://dashscope-intl.aliyuncs.com/compatible-mode/v1/chat/completions.

Test command:

curl -X POST https://dashscope.aliyuncs.com/compatible-mode/v1/chat/completions \

- H "Authorization: Bearer DASHSCOPE_API_KEY" \


- H "Content-Type: application/json" \


- d '{

    "model": "qwen3-max-2026-01-23",
    "messages": [
        {
            "role": "system",
            "content": "You are a helpful assistant."
        },
        {
            "role": "user", 
            "content": "Who are you?"
        }
    ]
}'

If this command also returns a 401 error, your API key is likely invalid or your account has overdue payments. Go to the Alibaba Cloud Model Studio console to regenerate the key or check your account balance.

Resolve "command not found: openclaw" error

Run the following commands to create a symbolic link:

ln -sf /home/clawdbot/dist/entry.js /usr/bin/openclaw
openclaw --help

Cannot get token with Tailscale

This occurs because Tailscale modifies the routing policy. To work around this, read the token directly from the instance:

Run the following command:

echo $(sed -z 's/.*"token": "\([^"]*\)".*/\1/' /root/.clawdbot/clawdbot.json | tr -d '\0')

The output is your token.

OpenClaw port 18789 blocks external access

The listening address for the OpenClaw service on port 18789 is 127.0.0.1, which prevents it from being accessed from the external network.

Possible cause: The bind parameter in the OpenClaw configuration file has been changed. By default, this parameter is set to lan, which allows public network access. If the parameter is changed to loopback and the service is restarted, the port will only listen on the loopback address 127.0.0.1.

Solution:

Log in to the server and check the configuration. Log in to the Simple Application Server as the admin user and run the following command to check the current configuration of the bind parameter:
```
cat /home/admin/.openclaw/openclaw.json | grep bind
```
Modify the configuration file. Check the command output. If the configuration is set to "bind": "loopback", edit the configuration file to change it back to the default "lan" mode.
Restart the gateway service. After you modify and save the configuration file, run the following command to restart the gateway service and apply the changes:
```
openclaw gateway restart
```
After the service restarts, the port will resume normal operation, restoring external network access.

The `openclaw gateway restart` command fails

You run the openclaw gateway restart command, but the service fails to restart.

Solution: Manually terminate the process and restart the service. Follow these steps:

Log in to the server. Log in to the Simple Application Server as the admin user.
Terminate the current process. Run the following command to forcefully stop the current OpenClaw Gateway process:
```
killall openclaw-gateway
```
Restart the service. Run the following command to restart the gateway service:
```
openclaw gateway start
```
Note: You can safely ignore any error messages displayed by this command.
Verify the service status. Run ps aux | grep gate to check if the openclaw-gateway process has started. Then, run netstat -nltp to confirm that the relevant port is in a listening state.

Troubleshoot downtime, high memory, and OOM Killer

Upgrade the instance configuration
We recommend you upgrade the instance configuration to at least 2 vCPUs and 2 GB of memory. This improves the stability of OpenClaw and helps prevent issues caused by insufficient resources, such as server downtime, website inaccessibility, and high memory usage.
Check for and add a swap partition
OpenClaw application images released after February 26, 2026, include a swap partition by default. If your instance runs an earlier version, we recommend you manually configure a swap partition or reset the current application image to the latest version. A swap partition acts as a buffer when memory is low, which helps reduce OOM Killer events and unexpected service interruptions.