macOS blockers

Discussion in 'Porn Addiction' started by sinner76, Sep 30, 2021.

  1. sinner76

    sinner76 Fapstronaut

    691
    930
    93
    These methods are for OS X HIGH SIERRA AND ABOVE

    -I always recommend using more than one filter because they strengthen each other.


    -Cold Turkey

    1-Install Cold Turkey:
    https://getcoldturkey.com/

    2-Install Cold Turkey extension on your browsers.

    3-Enable "Allow in incognito/private" for Cold Turkey's extension on chrome and brave.

    The following step is very important to get Cold Turkey to detect that incognito is off.

    4-Open Terminal from your applications and enter these commands which will stop cold turkey from asking for incognito permissions:

    Do not proceed unless you do this step because after we install the filtering profile, "Allow in incognito" option will be hidden and Cold Turkey will block your browser.

    Screenshot on how to use and import configurations:
    https://pasteboard.co/JMg1XPP.png

    Screenshot on how to prevent easy bypass:
    https://pasteboard.co/JTfSe8M.png
    I highly recommend you block Activity Monitor, if you don't use it.

    Import this list:
    https://www.mediafire.com/file/i2fsvs8z6eqmbjp/Block+Lists+from+Sinner's+MacBook+Air.ctbbl/file

    IMPORTANT: This list blocks many google searches so you have to turn on Google Safe search to exclude Google from being blocked
    https://www.google.com/preferences Don't forget to click save.


    Cold turkey will block unsafe browsers that could be used to access porn.

    The imported blocklist:
    *Blocks porn/proxies/VPNs
    *Blocks sites that contain bad (porn) keywords.
    Note that this list blocks bad sites based on keywords

    Remove the extension from browsers you want to block. You could block Safari (and Terminal) using the configuration mentioned above.


    (Cold Turkey prevents you from tampering with its files. If you want to additional protection to Cold Turkey, check out fapsecure which will be discussed later in this post)

    Best way to lock Cold Turkey's blocks:
    Does not work anymore. I will need to update it.
    This method is possible because Cold Turkey allows you to lock blocks for a period of time from Terminal.

    Example:
    "/Applications/Cold Turkey Blocker.app/Contents/MacOS/Cold Turkey Blocker" -start "Bad Sites" -lock 720

    This will lock the block named *Block Bad sites for 720 minutes (12 hours).

    Now we need to execute this command automatically when your mac starts and to reset it to 12 hours (e.x. every 2hours). This could be easily done using launchctl.
    Download this plist:
    https://www.mediafire.com/file/sym9b6mddddjwgg/com.cold.redo.plist/file
    Keep it in your downloads folder and open it using text edit.

    You'll find this:
    <string>sleep 21; "/Applications/Cold Turkey Blocker.app/Contents/MacOS/Cold Turkey Blocker" -start "dontdeleteme" -lock 720; "/Applications/Cold Turkey Blocker.app/Contents/MacOS/Cold Turkey Blocker" -start "Safari macOS" -lock 720; "/Applications/Cold Turkey Blocker.app/Contents/MacOS/Cold Turkey Blocker" -start "Bad Sites" -lock 720;</string>

    These are several commands separated by semicolons ( ; ) in a single line. You can only put one liners in plist files. If you want to add more blocks, just add a semicolon and put your command.

    Explanation: The sleep command is essential to give time for cold turkey to start up. The first command is important because for some reason Cold Turkey occasionally ignores the first command in the script.

    You'll also find this:
    <key>StartInterval</key>
    <integer>3600</integer>

    This will re-execute the command every 3600 seconds (1 hours).

    Make the changes that you want, then execute the following:

    1-Copy the plist from the downloads to /Library/LaunchAgents:
    sudo cp ~/Downloads/com.cold.redo.plist /Library/LaunchAgents/com.cold.redo.plist

    2-Load the plist:
    launchctl load -w /Library/LaunchAgents/com.cold.redo.plist

    As long as this plist is loaded, the blocks will be locked for 12 hours every time you start your mac. It will be reset to 12 hours every 2 hours.

    You could add blocked items to locked blocks but you can't remove anything while locked. If you want to unlock the block:
    -Unload the plist:
    launchctl unload -w /Library/LaunchAgents/com.cold.redo.plist
    sudo rm /Library/LaunchAgents/com.cold.redo.plist

    -The lock will be unlocked automatically after 12 hours

    If you want to make any changes to the plist file, unload it, then start from the beginning by editing the plist in the downloads folder.
    -----
    Hint:
    to block the google images search add this:
    *tbm=isch*
    to block the google videos search add this:
    *tbm=vid*
    (Create a new block and add those keywords, don't add them to the block I uploaded in this thread. It won't work)

    -Pluckeye
    This is one of the best blockers for macOS.
    https://forum.nofap.com/index.php?threads/pluckeye.300403/

    On Big Sur and later versions of macOS, the system feature does not work which means that pluckeye won't be able to block unsupported browsers and other apps from accessing the internet. Other apps in this post will perform this function. I highly recommend pluckeye even for Big Sur and later versions.

    -macOS filtering profile:
    The Default removal password of the profile is nofap
    Edit the profile and change the password then use lockbox.pluckeye.net to save the password:
    https://ibb.co/fv19C1R
    You can modify everything in the profile using TextEdit such as the DNS used by browsers or the system. Make sure you change the default removal password which is nofap to a random password and save the password on lockbox.pluckeye.net

    -Download:
    https://github.com/John889/macOS_filtering_profile/archive/refs/heads/main.zip

    Features:

    -System DNS: set to CleanBrowsing Family.
    Cleanbrowsing family blocks reddit and enables Youtube restricted mode. Check out how to fix that below using the hosts file.

    -Chromium browsers(Chrome, Brave, Vivaldi):
    Enforces Leechblock extension
    Browser DNS set to Cleanbrowsing family
    Enables built-in porn blocker + Search engine safe search.
    Blocks: incognito, private windows, Guest accounts, new accounts, installing external extensions, VPN/proxy extensions, Tor on Brave.

    -Firefox:
    Enforces Leechblock and SafeSearch Enforcer extensions, disables private browsing, safe mode, profile switch, DNS set to Cleanbrowsing family

    -Safari: Enables the built-in porn blocker

    -Siri: Profanity filter ON. You can also completely block Siri.

    You can also block access to specific panes in "System Preferences". Editing instructions are included.

    (After you open the profile, you'll need to go to System Preferences>Profiles and click on install.)

    ----
    Other extensions enforced by the profile:

    LeechBlock: This will be enforced only on firefox. Right click the extension>options.
    Copy everything in this link and paste it in the domains to be blocked:
    https://github.com/John889/blocklists/blob/main/leechblockkeywords

    * at the beginning of the list means filter all sites
    + means allow a domain
    ~ keyword(if no keywords are added and there is an asterisk in the first line, all sites will be blocked.)

    Select all days of the week: Sun Mon Tue Wed Thu Fri Sat
    Check "Immediately block pages on these sites once blocking conditions are met"

    The above Blockset only filters keywords. You can't block domains in this blockset. So, Just click on Blockset2 and add whatever sites you want to block. Then enable for all days of the week, etc.

    Go to General tab, check "Process only active tabs (improves performance when multiple tabs open)"

    Then set a password and save it lockbox.pluckeye.net

    Leechblock can slow down your browser as we are using keyword blocking. Make sure you don't keep many tabs open, just the ones you need and it the performance should be good. It filters all open tabs every second.

    If needed, you could block the chrome and the firefox store using pluckeye. Just block: addons.mozilla.org and chrome.google.com

    -Editing and locking the hosts file
    The following hosts file will do the following by default:
    Enable Safe search on Google, Bing, duckduckgo & Yandex.
    Block other search engines.
    Allow access to reddit and twitter. (Edit the file if you want to block images and videos).

    Enable youtube normal (unrestricted) access.
    You could also block any site.

    1-Download SwitchHosts:
    https://github.com/oldj/SwitchHosts/releases
    (.dmg is for macOS. M1 macs need the arm64 version)
    2-Open SwitchHosts app, click the + button > local. Name it anything and save.
    3-Copy all of the contents of this file (command+a then command+c)
    https://raw.githubusercontent.com/John889/blocklists/main/hosts.txt
    4-Paste it in the new hosts that you've just created (command+v). Then activate the hosts using the switch button beside its name.

    You could edit this hosts as you wish. The instructions are present in the text. You could enable Youtube restricted mode, bock images on reddit and twitter, block any site that you want.

    If you want to lock your hosts file use fapsecure below. This is not recommended unless you have sufficiently tested your settings. You'll need to add this to fapsecure's protectedfiles.txt:
    /etc/hosts


    -Fapsecure for macOS
    Can only be removed if you have its password, or you'll have to wait for 4 hours.

    *Includes an app blocker that could be used to block any apps you want.(Instructions in "How to use.txt")
    *Includes a file protector that could be used to protect any file, folder or app.
    *Blocks unsafe browsers like Tor and many others automatically.
    *Enforces safe search on Google, Bing, Yandex.
    *Blocks tons of porn sites and proxies permanently.

    It can enforce a DNS on all the versions on macOS, not just Big Sur.
    Disables Screen Time "Ignore Limit" & "One more minute" buttons.

    By default, it changes your DNS server to Cleanbrowsing Family that blocks bad sites. Update: Now, you could use any dns server you want (IPv4 or IPv6)

    Cleanbrowsing Family DNS features: https://cleanbrowsing.org/filters

    1-Download "fapsecure.zip":
    https://github.com/John889/fapsecure-macos/raw/main/Fapsecure.zip

    2- Open Fapsecure.zip (it should be in "Downloads"). This will extract it and a folder called "Fapsecure" will appear in your Downloads.

    3-Copy the "fapsecure" folder to your Desktop. This is not optional.

    4-For the rest of instructions open "How to use.txt" in fapsecure's folder

    -Using macOS Screen Time to block apps:

    Requires Catalina or later versions of macOS.
    Located in Screen Preferences>Screen Time

    Normally, you can't lock Screen Time settings for an admin account. But you'll now see how it is done using Fapsecure.

    Hint: Don't make your mac a prison or you'll keep looking for ways to bypass the blockers.

    Turning it into an app lock:
    A)Turn on "App Limits" and select all the bad apps that can cause you to relapse into a new single app limit. Set the time to 1 min, which is the minimum. This option is recommended if you have all the bad apps downloaded on your mac.

    OR

    B)Downtime: The more extreme way. Not recommended except for tech savvy addicts.

    Blocks all apps even newly downloaded ones except for apps in the Always Allowed list.
    Go to "Always Allow" and select all apps (even if you don't use them) except the actual harmful apps. If you don't know what an app does, just keep it allowed. If you go too strict, you will end up removing the restrictions. Make sure you have downloaded all apps you need.
    DownTime will make Safari painful to use.

    Schedule: 6:00 AM to 5:59 AM


    You'll notice that when an app is blocked you can just click on ignore limits and allow the app. Fapsecure (discussed next) can block this button, if you add this to the blocked apps:
    ScreenTimeViewService

    Finally, you have to lock the Screen Time (to lock the settings) and "Users and Groups" panes (to prevent creating new users) using Fapsecure by blocking:
    com.apple.preference.screentime.remoteservice
    com.apple.preferences.users.remoteservice


    Fapsecure will also automatically prevent creating new users from CLI.

    If you open a blocked app, you'll have to right click its icon in Dock > Quit. Or terminate it by clicking command+option+esc

    Password protecting the recovery mode (Command -R) & Single user mode (Command -S)(optional):
    If you have no idea what this is then do not proceed.

    THIS IS VERY RISKY.

    THIS PASSWORD HAS TO BE WRITTEN DOWN + TYPED & SAVED SOMEWHERE

    https://support.apple.com/en-us/HT204455#:~:text=a firmware password-,Start up from macOS Recovery: Press and hold Command (,Enter the firmware password.

    History
    Enforcing a DNS server:

    If you're on macOS Big Sur or later, you could use profiles to enforce a DNS.
    The following profile enforces Cleanbrowsing family DNS (DNS over HTTPS).
    The major downside of the family DNS is that it enforces youtube restricted mode (no comments, blocks some safe videos). It also blocks reddit completely. If you want to allow access to reddit and unrestricted YT, you could use fapsecure (discussed next).

    EDIT: The DNS payload has been included in the macos filtering profile discussed earlier.

    -Enabling the built-in filter

    MacOS already has a built-in web filter. Normally, it could be enabled only on non-admin accounts. But this Profile will allow us to use it on admin accounts:

    EDIT: I added the built-in filter payload to the macOS filtering profile mentioned above.

    I have to mention that it works best with Safari, it also works with other browsers but many bad sites will pass through. Its main advantage is that it is system wide. I've added the following sites to the exclusions:
    https://Nofap.com/
    https://Yourbrainrebalanced.com/
    https://rebootnation.org/
    They must be in this format: https://site.com/
    The only way to add exclusions is by editing the mobileconfig file then reinstalling it. You'll need the password to overwrite the existing profile.
    Useless apps

    5-Sophos

    Download Sophos Home for Mac:
    https://my.sophos.com/en-us/download/
    After you install it, do this:

    ONE:
    https://pasteboard.co/JwJ0mug.png
    TWO:
    https://pasteboard.co/JwJ3PwY.png

    Do NOT block "sex education" category as it will block nofap.com
    Now, click again on sophos icon and click "check for updates"

    THREE:

    Sign up for a new account. This is important to protect your settings with a password.
    Don't sign up using your email because you'll be able to change sophos settings and reset the account's password. You could sign up with a friend's email and let him check his inbox for the confirmation email. If you don't want to involve a friend, you can use a temporary email:
    https://temp-mail.org/en/

    For the password, you could type a random password in TextEdit, ex:jfdadfsasjfasljlafjd. Then paste in the password field, you must not lose this password. I recommend you save both the email and the password on lockbox.pluckeye.net

    Again, do not lose the password or the e-mail address.

    Now, try clicking on Sophos>preferences. The webpage should ask you to login using your email and password. If it logs in automatically, it means you have to sign out:

    1-Click on your email then "My account":https://pasteboard.co/JyHjKEP.png
    2-Security>Settings:https://pasteboard.co/JyHk4pe.png
    3-Sign out all users:https://pasteboard.co/JyHkrYv.png

    In the next steps we are going to prevent anyone from removing Sophos.

    Locking Sophos:

    Protect Sophos app using fapsecure (mentioned above)
    You need to install this profile to prevent access to Security & Privacy" from Security Preferences. This will prevent you from removing Sophos permissions:
    https://www.mediafire.com/file/m1tulw9r5fgcr9e/Lock+Security+&+Privacy+.mobileconfig/file
    Don't forget to edit the file with TextEdit and change the removal password. The default password is nofap
    That's it!
    5-Forticlient


    Does not work on Big Sur.
    Official link for the latest 6.0.x version:

    https://filestore.fortinet.com/forticlient/downloads/FortiClientOnlineInstaller_6.0.dmg

    Setting up Forticlient for OS X (IMPORTANT):

    As I mentioned in the windows section above, the newer versions of Forticlient sets youtube to STRICT mode which makes youtube useless. So we'll have to edit forticlient settings:

    https://www.flickr.com/photos/[email protected]/49929387771/in/album-72157714433295158/

    (Note that you might need to disconnect and reconnect to Wifi/Ethernet for forticlient to start working for the first time)

    Prevent removal of forticlient:
    Use fapsecure to prevent deletion of FortiClient files.
     
    Last edited: Dec 3, 2021 at 6:59 PM
  2. the300clean

    the300clean Fapstronaut

    53
    56
    18
    that's a good start. but all of this text wall is confusing. i am not sure if all the blockers can prevent me from factory reset, or by other bypass. and it am not sure what is special about any one of them compared to the others.

    maybe you should give each filtering the following headlines:
    1. basic description.
    2. how to install
    3. way to bypass the blocker, and how to prevent it.
    4. advantages/disadvantages.
     
    sinner76 likes this.
  3. sinner76

    sinner76 Fapstronaut

    691
    930
    93
    You're totally right. I have noticed that most people don't reach the blockers at the end cuz it's very long. I'll do it but I think that I should edit other stuff right now before I forget. Thanks a lot for your opinion, man. I hope other people also give feedback ,and share bypasses and useful apps.
    To prevent factory reset, you'll need to password protect the recovery mode which is the last thing in the post. It would take you an hour to find it, if you started reading from the top.
     
  4. OhWhenThe

    OhWhenThe Fapstronaut

    547
    637
    93
    Is that the "Block Time & Language settings when a block is enabled" option?
     
    sinner76 likes this.
  5. sinner76

    sinner76 Fapstronaut

    691
    930
    93
    OhWhenThe likes this.
  6. zakhmisher

    zakhmisher New Fapstronaut

    2
    0
    1
    Hi Fapsecure new version isnt' working on Macos Monterey Beta. The older fapsecure now shows payload identifier error when installing profiles.
     
  7. sinner76

    sinner76 Fapstronaut

    691
    930
    93
    What is not working exactly? DNS IPv4 enforcement or app blocking?
    Forget about that profile. I added the secure DNS payload to the macOS filtering profile, but it will probably also fail to install on Monterey. I need to upgrade my OS to see what is going on but I'll have to wait for the public release for financial reasons.
     
    Last edited: Oct 14, 2021
  8. zakhmisher

    zakhmisher New Fapstronaut

    2
    0
    1
    Hi DNS leak test seems to suggest that cleanbrowsing is working but it is not blocking any site.
    I have upgraded by participating in the beta program for the macos.
     
  9. sinner76

    sinner76 Fapstronaut

    691
    930
    93
  10. JaJeJo

    JaJeJo New Fapstronaut

    2
    1
    3
    Hi, current version of Fapsecure doesn't seem to enable reddit or block other search engines, because whilst the guide here doesn't say that now, the how to use.txt still does. Is this normal behavior?
    Am using MacOS Mojave 10.14.5
     
  11. sinner76

    sinner76 Fapstronaut

    691
    930
    93
    The old fapsecure enabled reddit by editing the hosts file. I mentioned how to do it using switch hosts. I removed it from fapsecure to allow people to customize the hosts file according to their needs. Some people want images on reddit, others want it completely blocked.

    Sorry, I will have to edit the howtouse file in the next update.
     
    JaJeJo likes this.
  12. JaJeJo

    JaJeJo New Fapstronaut

    2
    1
    3
    Ah, okay. I got a 'new' refurbished macbook yesterday and installed the latest version of fapsecure straight away, but tested it out because it seemed very different (at the time knowing I still couldn't access reddit and still view other search engines) but anyhow also found 3 loopholes getting around this fapsecure version that were not present with the older version and even managed to remove the dns entirely and managed to access everything again and annoyingly relapsed, Is it possible to still get the old version as it was? Thank you
     
    sinner76 likes this.
  13. sinner76

    sinner76 Fapstronaut

    691
    930
    93
    I will send you a pm.
     
  14. Koli Pratham

    Koli Pratham Fapstronaut

    do I need pluckeye to run fapsecure?
     
  15. Koli Pratham

    Koli Pratham Fapstronaut

    I've installed and setup fapsecure but not pluckeye cuz it does not support my Current mac version
     
  16. issuespleasehelp

    issuespleasehelp New Fapstronaut

    1
    1
    3
    Is there a version of fapsecure without the 4 hour uninstall time (so password only)
    Because otherwise it kinda defeats the purpose of having a lockbox if you can disable it in 4 hours anyway
    Thanks!
     
    Last edited: Nov 23, 2021

Share This Page