OS X Server: How to enable the adaptive firewall

Learn how to enable the adaptive firewall in OS X Server.

The adaptive firewall helps prevent entry to your computer by unauthorized users over your network connections. OS X Server uses an adaptive firewall that dynamically generates a firewall rule if a user or an IP address generates 10 consecutive failed login attempts.

  1. Run these commands on the server as an admin user to enable the adaptive firewall.

    • For OS X Server on OS X Mavericks or Yosemite:

      sudo pfctl -f /etc/pf.confsudo /Applications/ enable /Applications/ -csudo /Applications/ -f
    • For OS X Server on OS X Mountain Lion or Lion:

      sudo pfctl -f /etc/pf.confsudo /Applications/ enable /Applications/ -f
  2. Edit /System/Library/LaunchDaemons/ so that pfctl(8) is invoked with the -e flag. This will automatically enable the packet filter the next time the server boots. This can be accomplished with these commands:

    sudo defaults write /System/Library/LaunchDaemons/ ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)'sudo chmod 644 /System/Library/LaunchDaemons/ plutil -convert xml1 /System/Library/LaunchDaemons/
Last Modified: Oct 17, 2014
  • Last Modified: Oct 17, 2014
  • Article: HT200259
  • RADAR: 12117251, 14871822 View >
  • Views:

  • Rating:
    • 20.0

    (1 Responses)

Additional Product Support Information

Start a Discussion
in Apple Support Communities
See all questions on this article See all questions I have asked