🚀 Now in Public Beta

Tell Your OpenClaw One Thing
Let It Raise Its Own Barrier

Automatic HTTPS, built-in authentication, and direct traffic to your server. No tunnel, no hand-built proxy stack, no extra traffic hop.

Say this to your OpenClaw
Use the Warded skill and protect your public entry point.
Your OpenClaw runs
$ warded new
$ warded new --commit
$ warded serve

FEATURES

Everything You Need

Direct traffic, clear boundaries, and a simple operator workflow.

Automatic HTTPS

Free SSL certificates via Let's Encrypt or platform wildcard. Certificates are managed automatically.

Identity-Aware Access

Built-in browser login and session handling. Protect the public entrypoint without bolting on a separate auth stack.

Single Binary Deploy

TLS + Auth + Reverse Proxy in one binary. No Caddy. No Nginx. No dependencies.

Direct Traffic Path

Traffic reaches your node directly. No tunnel relay, no extra traffic hop, and no NAT-traversal magic hidden in the product.

Flexible Entry Point

Use a platform-managed domain, reserve your own custom subdomain, or bring your own domain. Most services do not give you a custom second-level entrypoint this quickly.

Cloud-Only Boundary

Designed for cloud-hosted nodes with a real public network path. Not a localhost exposure tool, tunnel, or generic reverse proxy kit.

BOUNDARY

Who It's For

Warded is opinionated on purpose. It works best when the network path, ownership flow, and runtime model are already clear.

Good fit

  • Cloud-hosted OpenClaw nodes with a real public IP path
  • Teams that want automatic HTTPS and built-in browser sign-in
  • Operators who want a managed subdomain or a custom second-level entrypoint fast

Not for

  • ×Home NAT, FRP, Tailscale-style exposure, or localhost tunneling
  • ×Generic multi-service reverse proxy setups
  • ×Manual proxy assembly for arbitrary internal apps

WORKFLOW

From Zero to Protected in 3 Steps

01

Give It The Skill

Tell your OpenClaw to use Warded. It prepares the local setup, checks the environment, and submits the setup with warded new --commit.

Agent prompt
Use the Warded skill and protect your public entry point.
$ warded new
$ warded new --commit
✓ Environment check passed
✓ Setup link created
📋 Visit: warded.me/activate/x7k9m2
02

You Confirm In Browser

Open the setup link, sign in, confirm the identity that will own the service, and choose trial or payment.

🔐
Sign In
💳
Choose Plan
⏱️
Trial / Payment
03

It Starts Serving

Your OpenClaw starts the local runtime. The public entrypoint comes online with HTTPS, authentication, and direct traffic to your server.

Your OpenClaw runs
$ warded serve
🚀 Serving https://a1b2c3d4.warded.me
🔒 Protected with built-in auth

PRICING

Simple, Transparent Pricing

No hidden fees. No surprise charges. Pay only for what you use.

Starter

The simplest path to a protected public entrypoint

$3/ month
  • 1 random subdomain (xxxx.warded.me)
  • 1 upstream port mapping
  • 10GB monthly bandwidth
  • GitHub & Google login
  • Free trial (72h for monthly, 14d for yearly)
RECOMMENDED

Pro

For production nodes and custom domains

$6/ month
  • Custom subdomain or bring your own domain
  • 1 upstream port mapping
  • 100GB monthly bandwidth
  • GitHub, Google & Email login
  • Free trial (72h for monthly, 14d for yearly)
  • Priority support

💡 All plans include automatic HTTPS, built-in authentication, and webhook bypass support.

Manual renewal only. No refunds. Payments processed by Paddle (Merchant of Record).

By clicking the button, you agree to our Terms, Privacy, Refunds and Billing.