macOS blockers

Discussion in 'Porn Addiction' started by sinner76, Sep 30, 2021.

  1. sinner76

    sinner76 Fapstronaut

    These methods are for OS X HIGH SIERRA AND ABOVE

    -I always recommend using more than one filter because they strengthen each other.

    -Cold Turkey
    1-Install Cold Turkey:

    2-Install Cold Turkey extension on your browsers.

    3-Enable "Allow in incognito/private" for Cold Turkey's extension on chrome and brave.

    The following step is very important to get Cold Turkey to detect that incognito is off.

    4-Open Terminal from your applications and enter these commands which will stop cold turkey from asking for incognito permissions:

    Do not proceed unless you do this step because after we install the filtering profile, "Allow in incognito" option will be hidden and Cold Turkey will block your browser.

    Screenshot on how to use and import configurations:

    Screenshot on how to prevent easy bypass:
    I highly recommend you block Activity Monitor, if you don't use it.

    Import this list:'s+MacBook+Air.ctbbl/file

    Cold turkey will block unsafe browsers that could be used to access porn.

    The imported blocklist:
    *Blocks porn/proxies/VPNs
    *Blocks sites that contain bad (porn) keywords.
    Note that this list blocks bad sites based on keywords

    Remove the extension from browsers you want to block. You could block Safari (and Terminal) using the configuration mentioned above.

    (Cold Turkey prevents you from tampering with its files. If you want to additional protection to Cold Turkey, check out fapsecure which will be discussed later in this post)

    Best way to lock Cold Turkey's blocks:
    This method is possible because Cold Turkey allows you to lock blocks for a period of time from Terminal.

    "/Applications/Cold Turkey Turkey Blocker" -start "Bad Sites" -lock 720

    This will lock the block named *Block Bad sites for 720 minutes (12 hours).

    Now we need to execute this command automatically when your mac starts and to reset it to 12 hours (e.x. every 2hours). This could be easily done using launchctl.
    Download this plist:
    Keep it in your downloads folder and open it using text edit.

    You'll find this:
    <string>sleep 21; "/Applications/Cold Turkey Turkey Blocker" -start "dontdeleteme" -lock 720; "/Applications/Cold Turkey Turkey Blocker" -start "Safari macOS" -lock 720; "/Applications/Cold Turkey Turkey Blocker" -start "Bad Sites" -lock 720;</string>

    These are several commands separated by semicolons ( ; ) in a single line. You can only put one liners in plist files. If you want to add more blocks, just add a semicolon and put your command.

    Explanation: The first command is a sleep command which is essential to give time for cold turkey to start up. The second command is important because for some reason Cold Turkey occasionally ignores the first command in the script.

    You'll also find this:
    This will re-execute the command every 3600 seconds (1 hour).

    Make the changes that you want, then execute the following:

    -To copy the plist from the downloads to /Library/LaunchAgents then load it:
    sudo cp ~/Downloads/com.cold.redo.plist /Library/LaunchAgents/com.cold.redo.plist
    launchctl load -w /Library/LaunchAgents/com.cold.redo.plist
    Wait for half a minute and your blocks will get locked.
    As long as this plist is loaded, the blocks will be locked for 12 hours every time you start your mac. It will be reset to 12 hours every 1 hour.

    You could add blocked items to locked blocks but you can't remove anything while locked. If you want to unlock the block:
    -Unload the plist:
    launchctl unload -w /Library/LaunchAgents/com.cold.redo.plist
    sudo rm /Library/LaunchAgents/com.cold.redo.plist

    -The lock will be unlocked automatically after 12 hours

    If you want to make any changes to the plist file, unload it, then start from the beginning by editing the plist in the downloads folder.
    to block the google images search add this:
    to block the google videos search add this:
    This is one of the best blockers for macOS.
    For Big Sur and later versions of macOS, you'll need to follow these steps to be able to enable pluckeye's system feature:
    I highly recommend pluckeye for Big Sur and later versions even if you can't use the system feature.
    -macOS filtering profile:
    The Default removal password of the profile is nofap
    Edit the profile and change the password then use to save the password:
    You can modify everything in the profile using TextEdit such as the DNS used by browsers or the system. Make sure you change the default removal password which is nofap to a random password and save the password on



    -System DNS: set to CleanBrowsing Family.
    Cleanbrowsing family blocks reddit and enables Youtube restricted mode. Check out how to fix that below using the hosts file.

    -Chromium browsers(Chrome, Brave, Vivaldi):
    Enforces Leechblock extension
    Browser DNS set to Cleanbrowsing family
    Enables built-in porn blocker + Search engine safe search.
    Blocks: incognito, private windows, Guest accounts, new accounts, installing external extensions, VPN/proxy extensions, Tor on Brave.

    Enforces Leechblock and SafeSearch Enforcer extensions, disables private browsing, safe mode, profile switch, DNS set to Cleanbrowsing family

    -Safari: Enables the built-in porn blocker

    -Siri: Profanity filter ON. You can also completely block Siri.

    You can also block access to specific panes in "System Preferences". Editing instructions are included.

    (After you open the profile, you'll need to go to System Preferences>Profiles and click on install.)

    Other extensions enforced by the profile:

    LeechBlock: This will be enforced only on firefox. Right click the extension>options.
    Copy everything in this link and paste it in the domains to be blocked:

    * at the beginning of the list means filter all sites
    + means allow a domain
    ~ keyword(if no keywords are added and there is an asterisk in the first line, all sites will be blocked.)

    Select all days of the week: Sun Mon Tue Wed Thu Fri Sat
    Check "Immediately block pages on these sites once blocking conditions are met"

    The above Blockset only filters keywords. You can't block domains in this blockset. So, Just click on Blockset2 and add whatever sites you want to block. Then enable for all days of the week, etc.

    Go to General tab, check "Process only active tabs (improves performance when multiple tabs open)"

    Then set a password and save it

    Leechblock can slow down your browser as we are using keyword blocking. Make sure you don't keep many tabs open, just the ones you need and it the performance should be good. It filters all open tabs every second.

    If needed, you could block the chrome and the firefox store using pluckeye. Just block: and

    -Editing and locking the hosts file
    The following hosts file will do the following by default:
    Enable Safe search on Google, Bing, duckduckgo & Yandex.
    Block other search engines.
    Allow access to reddit and twitter. (Edit the file if you want to block images and videos).

    Enable youtube normal (unrestricted) access.
    You could also block any site.

    1-Download SwitchHosts:
    (.dmg is for macOS. M1 macs need the arm64 version)
    2-Open SwitchHosts app, click the + button > local. Name it anything and save.
    3-Copy all of the contents of this file (command+a then command+c)
    4-Paste it in the new hosts that you've just created (command+v). Then activate the hosts using the switch button beside its name.

    You could edit this hosts as you wish. The instructions are present in the text. You could enable Youtube restricted mode, bock images on reddit and twitter, block any site that you want.

    If you want to lock your hosts file use fapsecure below. This is not recommended unless you have sufficiently tested your settings. You'll need to add this to fapsecure's protectedfiles.txt:

    -Fapsecure for macOS
    Can only be removed if you have its password, or you'll have to wait for 4 hours.

    *Includes an app blocker that could be used to block any apps you want.(Instructions in "How to use.txt")
    *Includes a file protector that could be used to protect any file, folder or app.
    *Blocks unsafe browsers like Tor and many others automatically.
    *Enforces safe search on Google, Bing, Yandex.
    *Blocks tons of porn sites and proxies permanently.

    It can enforce a DNS on all the versions on macOS, not just Big Sur.
    Disables Screen Time "Ignore Limit" & "One more minute" buttons.

    By default, it changes your DNS server to Cleanbrowsing Family that blocks bad sites. Update: Now, you could use any dns server you want (IPv4 or IPv6)

    Cleanbrowsing Family DNS features:

    1-Download "":

    2- Open (it should be in "Downloads"). This will extract it and a folder called "Fapsecure" will appear in your Downloads.

    3-Copy the "fapsecure" folder to your Desktop. This is not optional.

    4-For the rest of instructions open "How to use.txt" in fapsecure's folder
    -Using macOS Screen Time to block apps:
    Requires Catalina or later versions of macOS.
    Located in Screen Preferences>Screen Time

    Normally, you can't lock Screen Time settings for an admin account. But you'll now see how it is done using Fapsecure.

    Hint: Don't make your mac a prison or you'll keep looking for ways to bypass the blockers.

    Turning it into an app lock:
    A)Turn on "App Limits" and select all the bad apps that can cause you to relapse into a new single app limit. Set the time to 1 min, which is the minimum. This option is recommended if you have all the bad apps downloaded on your mac.


    B)Downtime: The more extreme way. Not recommended except for tech savvy addicts.

    Blocks all apps even newly downloaded ones except for apps in the Always Allowed list.
    Go to "Always Allow" and select all apps (even if you don't use them) except the actual harmful apps. If you don't know what an app does, just keep it allowed. If you go too strict, you will end up removing the restrictions. Make sure you have downloaded all apps you need.
    DownTime will make Safari painful to use.

    Schedule: 6:00 AM to 5:59 AM

    You'll notice that when an app is blocked you can just click on ignore limits and allow the app. Fapsecure (discussed next) can block this button, if you add this to the blocked apps:

    Finally, you have to lock the Screen Time (to lock the settings) and "Users and Groups" panes (to prevent creating new users) using Fapsecure by blocking:

    Fapsecure will also automatically prevent creating new users from CLI.

    If you open a blocked app, you'll have to right click its icon in Dock > Quit. Or terminate it by clicking command+option+esc

    -Disabling System apps like Safari (optional)
    This is not needed in almost all cases as many blockers mentioned here could block safari without taking any risks. Use this only if Safari is causing you problems and you can't block it using other blockers.

    This is an idea for the guys who want to only use the Chrome browser while blocking all other browsers.
    It's easy to just delete other browsers from your mac and use pluckeye's flee commands to block downloading other browsers, for example:
    pluck + flee word browser download
    pluck + flee word download browser

    But you can't just delete the Safari browser for two reasons:
    1-System integrity protection will prevent you from modifying its files.
    2-You might need it back later.

    Here's what to do to reversibly disable Safari:
    1-Boot up into macOS recovery mode. (Restart the mac and hold the power button for M1+ macs OR hold command+R for older macs)
    2-Go to Utiilties>terminal
    3-Enter this to disable SIP:
    csrutil disable
    4-Restart your mac and boot normally.

    Now we are going to compress the Safari browser with a password using the zip command. First, open TextEdit and type random stuff like jadsladsfjadslj. This is going to be the password to decompress Safari.

    5-Open Terminal and enter this:
    cd /Applications
    zip -er

    It will ask you to enter the password that you want. Copy the one you typed in TextEdit and paste using Command+V.

    Now, you have a protected file named in your Applications folder. Save the password from TextEdit on then delete Safari application using this command:
    sudo rm -Rf /Applications/

    (you can do the same to other system apps by replacing with the app name in the above commands. Some apps like Terminal are located in
    Those apps cannot be deleted because they are on the system partition. Even if you delete them in recovery mode, they will be restored on reboot.)

    6-Go back to the recovery mode and enter this in terminal to re-enable SIP:
    csrutil enable

    That's is! You won't be able to launch Safari. If you want to restore Safari, you'll have to open (in your Applications folder), and use the password saved on lockbox.

    P.S. You only need to disable SIP the first time you compress and remove the app. After that you only need the zip password to decompress and use it.
    Password protecting the recovery mode (Command -R) & Single user mode (Command -S)(optional):
    If you have no idea what this is then do not proceed.


    THIS PASSWORD HAS TO BE WRITTEN DOWN + TYPED & SAVED SOMEWHERE firmware password-,Start up from macOS Recovery: Press and hold Command (⌘,Enter the firmware password.

    Enforcing a DNS server:
    If you're on macOS Big Sur or later, you could use profiles to enforce a DNS.
    The following profile enforces Cleanbrowsing family DNS (DNS over HTTPS).
    The major downside of the family DNS is that it enforces youtube restricted mode (no comments, blocks some safe videos). It also blocks reddit completely. If you want to allow access to reddit and unrestricted YT, you could use fapsecure (discussed next).

    EDIT: The DNS payload has been included in the macos filtering profile discussed earlier.

    -Enabling the built-in filter

    MacOS already has a built-in web filter. Normally, it could be enabled only on non-admin accounts. But this Profile will allow us to use it on admin accounts:

    EDIT: I added the built-in filter payload to the macOS filtering profile mentioned above.

    I have to mention that it works best with Safari, it also works with other browsers but many bad sites will pass through. Its main advantage is that it is system wide. I've added the following sites to the exclusions:
    They must be in this format:
    The only way to add exclusions is by editing the mobileconfig file then reinstalling it. You'll need the password to overwrite the existing profile.
    Useless apps
    Download Sophos Home for Mac:
    After you install it, do this:


    Do NOT block "sex education" category as it will block
    Now, click again on sophos icon and click "check for updates"


    Sign up for a new account. This is important to protect your settings with a password.
    Don't sign up using your email because you'll be able to change sophos settings and reset the account's password. You could sign up with a friend's email and let him check his inbox for the confirmation email. If you don't want to involve a friend, you can use a temporary email:

    For the password, you could type a random password in TextEdit, ex:jfdadfsasjfasljlafjd. Then paste in the password field, you must not lose this password. I recommend you save both the email and the password on

    Again, do not lose the password or the e-mail address.

    Now, try clicking on Sophos>preferences. The webpage should ask you to login using your email and password. If it logs in automatically, it means you have to sign out:

    1-Click on your email then "My account":
    3-Sign out all users:

    In the next steps we are going to prevent anyone from removing Sophos.

    Locking Sophos:

    Protect Sophos app using fapsecure (mentioned above)
    You need to install this profile to prevent access to Security & Privacy" from Security Preferences. This will prevent you from removing Sophos permissions:
    Don't forget to edit the file with TextEdit and change the removal password. The default password is nofap
    That's it!

    Does not work on Big Sur.
    Official link for the latest 6.0.x version:

    Setting up Forticlient for OS X (IMPORTANT):

    As I mentioned in the windows section above, the newer versions of Forticlient sets youtube to STRICT mode which makes youtube useless. So we'll have to edit forticlient settings:[email protected]/49929387771/in/album-72157714433295158/

    (Note that you might need to disconnect and reconnect to Wifi/Ethernet for forticlient to start working for the first time)

    Prevent removal of forticlient:
    Use fapsecure to prevent deletion of FortiClient files.
    Last edited: Aug 17, 2022
  2. the300clean

    the300clean Fapstronaut

    that's a good start. but all of this text wall is confusing. i am not sure if all the blockers can prevent me from factory reset, or by other bypass. and it am not sure what is special about any one of them compared to the others.

    maybe you should give each filtering the following headlines:
    1. basic description.
    2. how to install
    3. way to bypass the blocker, and how to prevent it.
    4. advantages/disadvantages.
    sinner76 likes this.
  3. sinner76

    sinner76 Fapstronaut

    You're totally right. I have noticed that most people don't reach the blockers at the end cuz it's very long. I'll do it but I think that I should edit other stuff right now before I forget. Thanks a lot for your opinion, man. I hope other people also give feedback ,and share bypasses and useful apps.
    To prevent factory reset, you'll need to password protect the recovery mode which is the last thing in the post. It would take you an hour to find it, if you started reading from the top..
    Last edited: Jan 20, 2022
  4. OhWhenThe

    OhWhenThe Fapstronaut

    Is that the "Block Time & Language settings when a block is enabled" option?
    sinner76 likes this.
  5. sinner76

    sinner76 Fapstronaut

    OhWhenThe likes this.
  6. zakhmisher

    zakhmisher New Fapstronaut

    Hi Fapsecure new version isnt' working on Macos Monterey Beta. The older fapsecure now shows payload identifier error when installing profiles.
  7. sinner76

    sinner76 Fapstronaut

    What is not working exactly? DNS IPv4 enforcement or app blocking?
    Forget about that profile. I added the secure DNS payload to the macOS filtering profile, but it will probably also fail to install on Monterey. I need to upgrade my OS to see what is going on but I'll have to wait for the public release for financial reasons.
    Last edited: Oct 14, 2021
  8. zakhmisher

    zakhmisher New Fapstronaut

    Hi DNS leak test seems to suggest that cleanbrowsing is working but it is not blocking any site.
    I have upgraded by participating in the beta program for the macos.
  9. sinner76

    sinner76 Fapstronaut

  10. JaJeJo

    JaJeJo New Fapstronaut

    Hi, current version of Fapsecure doesn't seem to enable reddit or block other search engines, because whilst the guide here doesn't say that now, the how to use.txt still does. Is this normal behavior?
    Am using MacOS Mojave 10.14.5
  11. sinner76

    sinner76 Fapstronaut

    The old fapsecure enabled reddit by editing the hosts file. I mentioned how to do it using switch hosts. I removed it from fapsecure to allow people to customize the hosts file according to their needs. Some people want images on reddit, others want it completely blocked.

    Sorry, I will have to edit the howtouse file in the next update.
    JaJeJo likes this.
  12. JaJeJo

    JaJeJo New Fapstronaut

    Ah, okay. I got a 'new' refurbished macbook yesterday and installed the latest version of fapsecure straight away, but tested it out because it seemed very different (at the time knowing I still couldn't access reddit and still view other search engines) but anyhow also found 3 loopholes getting around this fapsecure version that were not present with the older version and even managed to remove the dns entirely and managed to access everything again and annoyingly relapsed, Is it possible to still get the old version as it was? Thank you
    sinner76 likes this.
  13. sinner76

    sinner76 Fapstronaut

    I will send you a pm.
  14. iamShinra

    iamShinra Fapstronaut

    do I need pluckeye to run fapsecure?
  15. iamShinra

    iamShinra Fapstronaut

    I've installed and setup fapsecure but not pluckeye cuz it does not support my Current mac version
    sinner76 likes this.
  16. issuespleasehelp

    issuespleasehelp New Fapstronaut

    Is there a version of fapsecure without the 4 hour uninstall time (so password only)
    Because otherwise it kinda defeats the purpose of having a lockbox if you can disable it in 4 hours anyway
    Last edited: Nov 23, 2021
    sinner76 likes this.
  17. FootballingGenius

    FootballingGenius New Fapstronaut

    Hey, so i got the Force DNS downloaded as well as fapsecure, I then wanted to uninstall these apps because of youtube and it blocking some of my work sites that I need. So I uninstall fapsecure but ForceDNS is still active, its super frustrating. How do I get this done?
    sinner76 likes this.
  18. sinner76

    sinner76 Fapstronaut

    Actually pluckeye will work on Big Sur and Monterey if you disable System integrity protection. You could google it if you're interested.
    Koli Pratham likes this.
  19. hey m8, thanks for the great advise. id like to import your block list into cold turkey blocker but i cant figure out how to do it. unfortunatly the sceenshot is down. could you reupload it?
  20. HeraklesStrong

    HeraklesStrong New Fapstronaut

    Fantastic and thorough list of blockers!!! Than you so much!

    Question: Does anyone know how to disable rebooting in "Safe Mode" on a Mac with an Apple M1 chip? Note that Safe Mode is different than Recovery Mode.

    With the M1 chip, there is unfortunately no longer a Firmware password. But I've blocked booting in Recovery Mode by creating an Admin account (and making the account I use a Standard User) and then placing pieces of the very long password in different lockboxes, which would take me a very long time to retrieve. This blocks me from accessing Safari in Recovery Mode and also from erasing the hard drive and installing a new version of MacOS.

    However, I can still boot in Safe Mode which doesn't load key blockers on startup. There has to be a way to block or disable it, right?

    Would be beyond grateful if someone were to help me out.

Share This Page