There is a firewall built into macOS and it does some things well, but is limited. Install the free open source LuLu firewall to add the missing features. Plug the security holes on your Mac.
The Mac is regarded by many as being a secure computer and it is true, to an extent. The features in macOS do make it quite secure, but it is not perfect. There are gaps and one of these is with the built in firewall.
It can allow spyware and malware, and apps that simply don’t respect your privacy to send out the data they have collected about you to unknown people or places on the internet. Let’s put a stop to that.
- Increase Safari security and privacy in macOS
- 8 ways to boost Mac security and privacy using public Wi-Fi
Enable the firewall in macOS
Let’s first look at the Mac’s built in firewall. Open System Settings > Network > Firewall and turn on the switch if it is not already on. On older versions of macOS, open System Preferences > Privacy & Security > Firewall.
What the Mac firewall does is to block incoming connections and this prevents hackers on the network or the internet from gaining access to the computer. It does a good job of keeping out hackers and their bots.
The problem with the Mac firewall is that it does not prevent software on the Mac from calling home. Even good apps may collect data and send it back to the developer or worse still, advertisers. Malware and spyware may collect personal information and who knows where they may send it. The Mac firewall does not prevent this outflow of information.
What LuLu firewall does
LuLu is a free open source app for the Mac that is able to detect outgoing network or Internet connections and let you block or allow them as you see fit. It enables you to see when apps phone home and to create rules that either allow or block them.
LuLu will not tell you whether an outgoing connection is good or bad and it is up to you to decide whether it is OK to allow a connection or not, but it at least puts you in control. Instead of being oblivious to what apps are doing and which servers on the Internet they are connecting to, you can see and decide whether to allow or block them.
Install LuLu firewall
Go to the LuLu GitHub page and download the latest version of the app. Open it and drag the app to the Applications folder. Run it and there are several security hoops to jump through which require a few trips to Security & Privacy in System Settings (System Preferences in older versions of macOS).
You must give permission for the app to run and to add system extensions. It needs these in order to work. Work through the security steps to get LuLu running, they are not difficult and the app explains what to do.
You are prompted to configure LuLu and there are two options. The first is Allow Apple Programs. You don’t have to trust Apple apps, but the company is very privacy-focused these days. Tick the box or you will be plagued by popups asking if you want to allow this or that.
The second option, Allow Already Installed Applications, is enabled by default, but it is best if you clear the checkbox. You cannot assume that every third party app already installed on the Mac is OK and does not have privacy issues. Some apps may be OK, but some may not be.
LuLu appears as an icon in the menu bar. Click it to access a menu. Use this to turn it on or off, see rules, access preferences, open a network monitor or even uninstall it.
Allow or block internet access with LuLu firewall
LuLu is designed to make you aware of outgoing network or internet connections that normally occur without your knowledge. Normally, macOS firewall does nothing to prevent them.
Any app can appear in a LuLu alert window like this and you will see a lot of them the first time you use the firewall. You can choose to allow or block the app. Some apps must have internet access in order to work, so think carefully before blocking them. CloudflareWARP in the screenshot above is a VPN and internet access is essential. The option you select is remembered as a rule and you will not be asked again.
As you use apps and create rules by clicking Block or Allow, fewer and fewer LuLu alerts appear. Eventually they all stop, until you install a brand new app not seen before, then you will see an alert for it.
View and modify LuLu firewall rules
If you want to see what rules have been created and to modify them, open the menu bar menu and click Rules. A window opens and lists them.
The toolbar at the top is used to show all rules or just a subset of them. For example, click User to see the apps you are running. An Allow checkbox to the right of each rule enables you to allow or block apps and so you can change your mind if your original decision to block or allow the app was not right.
It is possible to manually add a rule for an app using the form above. However, it is not worth the effort. It is easier to just wait until the app tries to access the network or internet and LuLu will ask if you want to allow or block it.
There is a network monitor called NetIQuette that displays active internet connections, the amount of data each app has uploaded and downloaded, and the protocol used. It is not essential, but it could be useful on occasions. Mostly you will simply run LuLu and let it monitor connections in the background.
LuLu is a useful tool for boosting security on the Mac. It adds outgoing connection monitoring and control to the Mac’s built in firewall which only monitors incoming connections. If you are concerned about privacy, malware and spyware on your Mac, grab a copy of this free open source firewall and install it.