Healthcheck — Automated Server Security Monitoring

Automated VPS security checks: SSH configuration, firewall rules, open ports, pending security updates, and Fail2ban status. Scheduled reports and instant alerts.

February 8, 2026

Keep your server secure with automated checks. SSH config, firewall rules, open ports, pending updates — reported on a schedule or on demand.

Features

  • 🔒 SSH configuration audit (key auth, root access, port)
  • 🛡️ Firewall analysis (UFW / iptables)
  • 🚪 Open port scanning
  • 📦 Pending security update detection
  • 📊 Scheduled reports via cron
  • ⚠️ Instant alerts when issues are found
  • 🔒 Fail2ban status and blocked IPs

Install

clawhub install healthcheck

Usage Examples

Quick check:

"Check server security"
"What ports are open?"

Detailed audit:

"Run a full security audit"
"Audit my SSH configuration"

Monitoring:

"Any pending security updates?"
"Show me today's login attempts"
"How many IPs has Fail2ban blocked?"

What Gets Checked

Check         Description
SSH           Root login, password auth, custom port
Firewall      UFW/iptables status and active rules
Ports         Open ports and associated services
Updates       Pending security patches
Fail2ban      Status and blocked IP list
Last logins   Recent SSH login history
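
To make the SSH row concrete, here is an added example (not the healthcheck skill's own code) of auditing root login, password auth and port from sshd_config text. The function names and the sample config are constructed for illustration; on a live host, `sshd -T` prints the effective configuration and is the authoritative source.

```python
import re

# OpenSSH built-in defaults, used when a keyword is absent (sshd_config(5)).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}

def parse_global(config_text):
    """Return (settings, ports). sshd keeps the FIRST value per keyword,
    keywords are case-insensitive, Port may repeat, and lines after a Match
    are conditional, so parsing stops there. Include is not followed."""
    settings, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        parts = re.split(r"[\s=]+", line, maxsplit=2)
        if line.startswith("#") or len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip('"').lower()
        if key == "match":
            break
        if key == "port":
            ports.append(int(value))
        else:
            settings.setdefault(key, value)  # first occurrence wins
    return {**DEFAULTS, **settings}, ports or [22]

def audit(config_text):
    """Return (level, message) findings for root login, password auth, port."""
    settings, ports = parse_global(config_text)
    findings = []
    root = settings["permitrootlogin"]
    if root == "yes":
        findings.append(("FAIL", "root login allowed, including by password"))
    elif root != "no":
        findings.append(("WARN", f"root login restricted, not disabled ({root})"))
    if settings["passwordauthentication"] != "no":
        findings.append(("FAIL", "password authentication enabled"))
    findings.append(("INFO", "listening on port(s) " + ", ".join(map(str, ports))))
    return findings

# Constructed sample: sshd ignores the later "PermitRootLogin no".
SAMPLE = """\
Port 2222
permitrootlogin yes
PasswordAuthentication no
PermitRootLogin no
Match User deploy
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The sample shows why a naive "last line wins" grep misreports: the file contains `PermitRootLogin no`, yet the effective value is `yes` because the earlier line takes precedence.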

Scheduled Security Reports

Set up daily automated checks:

# ~/.openclaw/openclaw.yaml
cron:
  - schedule: "0 9 * * *"   # Every day at 9:00 AM
    task: "Run a server security check and send me the report"
    channel: "telegram"

Example Report

🛡️ Security Report — your-server.com

✅ SSH: Key-only auth, root login disabled, port 2222
✅ UFW: Active — only port 2222 open
✅ Fail2ban: Running — 3 IPs blocked in the last 24h
⚠️  Updates: 4 security updates pending
   - libssl3 (CVE-2026-1234)
   - openssh-server
   - linux-generic
   - curl

Recommendation: Run `sudo apt upgrade` to apply updates.

Recommendations Engine

After each audit, the skill generates concrete next steps:

  • Which ports to close
  • How to strengthen SSH config
  • Which packages to update and why

Requirements

Works out of the box after install. Some extended checks (like port scanning) may require sudo access for the OpenClaw user.