Modifying this control will update this page automatically
On your Mac, use Firewall settings to turn on the firewall in macOS to prevent unwanted connections from the internet or other networks. Learn how to block connections to your Mac with a firewall.
To change these settings, choose Apple menu
Open Network settings for me
Firewall | Prevent unwanted connections from the internet or other networks. |
Options | Choose how much to block incoming connections. |
Block all incoming connections | Prevent incoming connections to non-essential services and apps. Basic internet services are a set of apps that allow your Mac to find services provided by other computers on the network. This setting prevents connections to all other sharing services. |
Add | Add an app or service to allow incoming connections. |
Remove | Remove an app or service from allowing incoming connections. |
Automatically allow built-in software to receive incoming connections | Allow built-in apps and services that are signed by a valid certificate authority to be automatically added to the list of allowed apps, without your authorisation. |
Automatically allow downloaded signed software to receive incoming connections | Allow downloaded apps and services that are signed by a valid certificate authority to be automatically added to the list of allowed apps, without your authorisation. |
Enable stealth mode | Prevent your Mac from responding to probing requests that can be used to reveal its existence. The Mac still answers requests from authorised apps, but unauthorised requests such as ICMP [ping] get no response. |
Certain shared services can connect through the firewall when they are turned on in Sharing settings. For additional security, you can prevent connections to these incoming services by turning off the service in Sharing settings. See Share your Mac screen, files and services with other users on your network.
Please don’t include any personal information in your comment.
Maximum character limit is 250.
Thanks for your feedback.
Matt Cone January 29, 2021 Tutorials Mac Security
Every Mac ships with a built-in firewall — a service that can be configured to disallow information from entering your Mac. But what is a firewall, and why do you need to use it on your Mac?
Firewall Crash Course
Every time you request information from the Internet, such as a web page or email message, your Mac sends data packets to request the information. Servers receive the packets, and then send other packets back to your Mac. This all happens in a matter of seconds. Once your Mac has reassembled the packets, you’ll see something, like an email message or web page.
A firewall can help prevent bad packets from entering your Mac. Hackers love to run automated applications that can scan thousands of computers [including your Mac] for open ports that can be exploited. To ensure that random individuals don’t gain unauthorized access to your Mac, you should enable your Mac’s built-in firewall. It will close your Mac’s open ports and disallow random network scans.
Turning on and Configuring Your Mac’s Firewall
Here’s how to turn on and configure your Mac’s built-in firewall:
From the Apple menu, select System Preferences. The window shown below appears.
Click Security & Privacy.
Click Firewall.
Click the lock icon and authenticate with your administrator username and password. The window shown below appears.
Click Start. The firewall turns on — you’ll know it’s enabled when you see the green light and the Firewall: On message, as shown below.
Click Firewall Options. The window shown below appears.
Select the Automatically allow signed software to receive incoming connections checkbox. This allows the applications on your Mac to communicate with the outside world.
Select the Automatically allow downloaded signed software to receive incoming connections checkbox. This allows your Mac to trust authorized applications.
We don’t recommend this, but you can optionally select the Enable stealth mode checkbox. This prevents your Mac from responding to port scans and ping requests.
Click OK to close the Advanced settings.
Close System Preferences. Your Mac is now protected by the built-in firewall!
Final Thoughts
There are several third-party firewall applications available for Macs, but we don’t recommend that you purchase them. Your Mac’s firewall utilizes the same industry-standard Unix technologies that are used to protect web servers. If you’re paranoid and want a beefier firewall, bone up on your Unix skills and write some custom rules for your firewall. Leave the third-party firewall applications on the shelf, where they belong!
Related Articles
- How to Monitor Your Mac’s Firewall Logs
Subscribe to our email newsletter
Sign up and get Macinstruct's tutorials delivered to your inbox. No spam, promise!