Use a firewall to prevent unwanted connections on Mac
A firewall can protect your Mac from unwanted contact initiated by other computers when you’re connected to the internet or a network. However, your Mac can still allow access through the firewall for some services and apps. For example:
If you turn on a sharing service, such as file sharing, macOS opens a specific port for the service to communicate through.
An app or service on another system can request and be given access through the firewall, or it might have a trusted certificate and therefore be allowed access.
For greater control, you can select apps and services and specify whether they can have access through the firewall.
Turn on firewall protection
On your Mac, choose Apple menu
> System Preferences, click Security & Privacy, then click Firewall.Click the lock icon
to unlock it, then enter an administrator name and password.Click Turn On Firewall.
To specify additional security settings, click Firewall Options and do any of the following:
Allow only specified apps and services to connect: Click the Add button
, then select the app or service in the dialog that appears.Allow only essential apps and services to connect: Select the “Block all incoming connections” checkbox.
Automatically allow built-in software to receive incoming connections: Select the “Automatically allow built-in software to receive incoming connections” checkbox.
Automatically allow downloaded signed software to receive incoming connections: Select the “Automatically allow downloaded signed software to receive incoming connections” checkbox.
Enable stealth mode to make it more difficult for hackers and malware to find your Mac: Select the “Enable stealth mode” checkbox.
Set firewall access for services and apps
On your Mac, choose Apple menu
> System Preferences, click Security & Privacy, then click Firewall.Click the lock icon
to unlock it, then enter an administrator name and password.Click Firewall Options.
If the Firewall Options button is disabled, first click Turn On Firewall to turn on the firewall for your Mac.
Click the Add button
under the list of services, then select the services or apps you want to add. After an app is added, click its up and down arrows to allow or block connections through the firewall.Blocking an app’s access through the firewall could interfere with or affect the performance of the app or other software that may depend on it.
Important: Certain apps that don’t appear in the list may have access through the firewall. These can include system apps, services, and processes as well as digitally signed apps that are opened automatically by other apps. To block access for these programs, add them to the list.
When your Mac detects an attempt to connect to an app you haven’t added to the list and given access to, an alert message appears asking if you want to allow or deny the connection over the network or internet. Until you take action, the message remains, and any attempts to connect to the app are denied.