Hardening · networking · highest risk

Stop exposed panels (networking hardening)

If you run Moltbot on a VPS, the #1 way people get burned is accidentally exposing a control UI or gateway endpoint to the public internet.

Red flag: If you can access your control UI from a coffee shop without VPN + token, assume it’s exposed.

Fast hardening checklist

1
Bind to loopback by default
Only expose remotely via VPN/tailnet/SSH tunnel when possible.
2
Require a token for non-loopback binds
If you must bind on a network interface, treat token as mandatory.
3
Reverse proxy carefully
Misconfigured proxies are a common cause of “unauthenticated panels”.
4
Firewall inbound ports
Allow only what you need (often only SSH/VPN).

Verify

Run exposure check → Back to baseline →