How to Fix macOS Sequoia Firewall Issue?

Mac-OS-Sequoia

After upgrading to MacOS Sequoia (MacOS 15), many users have encountered issues with the built-in firewall. Specifically, users report being unable to edit certain firewall entries, and in some cases, the firewall is blocking apps like Firefox, Chrome and Terminal from accessing the internet, even after permissions are granted. These problems have caused frustration among users relying on these applications for daily use.

What's the Problem?

The firewall in MacOS Sequoia appears to have a bug that blocks outgoing and incoming connections for several apps, despite users allowing them through the firewall settings. Some apps that should be allowed, such as web browsers are automatically blocked, and the firewall does not permit users to modify these entries. This issue has been particularly prominent among users who had the firewall enabled before upgrading from previous MacOS versions.

Several reports indicate that:

  • Apps like Firefox and Chrome stop working unless the firewall is disabled
  • Manually adding or modifying firewall rules often doesn’t persist after restarting the system
  • The issue is likely a bug introduced in McOS Sequoia that has yet to be patched
Sequoia Firewall Rules
Sequoia Firewall Rules
Temporary Workaround:

While we are all eagerly waiting for an official update from Apple but there are a few workarounds that can be used to temporarily fix the issue:

1. Manually Whitelist App:

You can use following Terminal command to add applications to the firewall exceptions list, bypassing the issues in the graphical user interface (GUI).

					sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/<ApplicationName>.app

## few examples ##

# terminal
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /System/Applications/Utilities/Terminal.app

# firefox
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Frefox.app

# google chrome
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Google\ Chrome.app

# safari
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Safari.app

# microsoft edge
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Microsoft\ Edge.app

# slack
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Slack.app

# photoshop
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Adobe\ Photoshop\ 2024/Adobe\ Photoshop\ 2024.app


				
2. Disable the Firewall:

If the terminal command doesn’t work, or if the issue persists across multiple apps, you can temporarily disable the firewall:

  1. Go to System Settings > Network > Firewall.
  2. Click the padlock to unlock the settings and disable the firewall.

While this is not an ideal solution but it allows your apps to function until Apple releases an official patch.

Conclusion

This firewall issue highlights the importance of thoroughly testing system updates, particularly when they affect critical tools like security settings. While disabling the firewall isn’t an ideal solution, it’s a necessary step for many users until Apple rolls out a permanent fix.

Keep following updates from Apple and trusted tech sources to stay informed about when this issue will be resolved.

For now, these workarounds should help you maintain functionality while keeping your apps running smoothly in MacOS Sequoia

A Guide to TCC Services on macOS Sequoia 15.0

macOS Sequoia 15.0 Privacy & Security Services
Basics of TCC Services on macOS

MacOS is known for its strong privacy and security features. One of the ways it ensures users are in control of their data and system resources is through TCC (Transparency, Consent, and Control) services. These services govern which apps can access sensitive information or interact with system-level resources such as your camera, microphone, contacts, and more. If you’ve ever used an app on MacOS and were asked for permission to access something like your location or calendar, that interaction is managed by the TCC framework.

In this guide, we’ll explore what TCC services are, why they matter, and complete list of all services of MacOS Sequoia 15.0.

What Are TCC Services?

TCC services control the permissions that apps request on MacOS. When an app tries to access something sensitive like your microphone or contacts, MacOS prompts you to grant or deny that access. This is a key part of how MacOS maintains user privacy and transparency, ensuring that apps only gain access to what you’ve approved.

These permissions cover a wide array of services, including:

  • Camera: Needed by apps like Zoom, FaceTime, or photo editors.
  • Microphone: Used by apps for recording audio, video conferencing, or speech recognition.
  • Contacts: Apps such as messaging platforms or email clients often need access to your contacts.
  • Bluetooth: Apps connecting to wireless accessories like headphones, speakers, or fitness devices will require Bluetooth permissions.

TCC services are essential to keeping apps from overstepping their boundaries, making sure that any sensitive data access is done with your explicit consent.

Role of TCC Services

The primary role of TCC services is to ensure that users remain in control of their privacy, preventing apps from accessing information they don’t have permission for. With cyber threats and data privacy concerns rising, having these checks and balances in place is critical.

For instance, without TCC services, an app could theoretically access your camera or microphone without you knowing. TCC database is protected by SIP and designed in such a way that, even a user with root permissions cannot modify it. MacOS will always prompt you before an app can use these features, making sure your device and personal data are secure.

TCC services also help maintain transparency. You can always review which apps have access to which services in System Settings > Privacy & Security > Privacy. This also allows you to revoke permissions from any app that you no longer trust.

List of TCC Services on MacOS Sequoia 15.0
TCC Service
Description
kTCCService
General TCC service identifier.
kTCCServiceAccessibility
Allows client to control computer.
kTCCServiceAddressBook
Allows access to the address book (contacts).
kTCCServiceAll
Provides access to all TCC services.
kTCCServiceAppleEvents
Grants access to send Apple Events.
kTCCServiceAudioCapture
Allows capturing audio input.
kTCCServiceBluetoothAlways
Allows Bluetooth access at all times.
kTCCServiceBluetoothPeripheral
Grants access to Bluetooth peripherals.
kTCCServiceBluetoothWhileInUse
Allows Bluetooth access only while in use.
kTCCServiceCalendar
Grants access to the calendar.
kTCCServiceCalls
Provides access to call-related features.
kTCCServiceCamera
Client would like to access the camera.
kTCCServiceContactlessAccess
Allows access to contactless device features.
kTCCServiceContactsFull
Grants full access to contacts.
kTCCServiceContactsLimited
Allows limited access to contacts.
kTCCServiceCrashDetection
Provides access to crash detection features.
kTCCServiceDeveloperTool
Access to developer tools and debugging features.
kTCCServiceEndpointSecurityClient
Allows access to endpoint security services.
kTCCServiceExposureNotification
Grants access to exposure notifications (e.g., COVID alerts).
kTCCServiceExposureNotificationRegion
Region-specific exposure notification services.
kTCCServiceFSKitBlockDevice
Access to block device management in FSKit.
kTCCServiceFaceID
Allows access to FaceID services.
kTCCServiceFacebook
Provides integration with Facebook services.
kTCCServiceFallDetection
Grants access to fall detection features.
kTCCServiceFileProviderDomain
Allows access to file provider domains.
kTCCServiceFileProviderPresence
Provides access to file provider presence data.
kTCCServiceFinancialData
Grants access to financial data.
kTCCServiceFocusStatus
Allows checking the user’s Focus Status.
kTCCServiceGameCenterFriends
Grants access to Game Center friends.
kTCCServiceKeyboardNetwork
Allows keyboard network access.
kTCCServiceLinkedIn
Provides integration with LinkedIn services.
kTCCServiceListenEvent
Access to listen to system-level events.
kTCCServiceLiverpool
Internal service identifier related to Liverpool feature.
kTCCServiceMSO
Grants access to mobile service operator features.
kTCCServiceMediaLibrary
Access to the user’s media library.
kTCCServiceMicrophone
Client would like to access the microphone.
kTCCServiceMotion
Provides access to motion sensors and data.
kTCCServiceNearbyInteraction
Grants access to nearby interaction services.
kTCCServicePasteboard
Allows access to the clipboard (pasteboard) data.
kTCCServicePhotos
Client would like to access the photos library.
kTCCServicePhotosAdd
Allows adding photos to the library.
kTCCServicePostEvent
Provides ability to post events to the system.
kTCCServicePrototype3Rights
Internal service identifier for prototype rights (version 3).
kTCCServicePrototype4Rights
Internal service identifier for prototype rights (version 4).
kTCCServiceReminders
Grants access to reminders.
kTCCServiceRemoteDesktop
Allows access to remote desktop features.
kTCCServiceScreenCapture
Provides access to screen capture capabilities.
kTCCServiceSecureElementAccess
Grants access to secure element (e.g., NFC) functions.
kTCCServiceSensorKitAmbientLightSensor
Provides access to ambient light sensor data.
kTCCServiceSensorKitBedSensing
Allows access to bed sensing data.
kTCCServiceSensorKitBedSensingWriting
Grants ability to write bed sensing data.
kTCCServiceSensorKitDeviceUsage
Provides access to device usage data.
kTCCServiceSensorKitElevation
Grants access to elevation sensor data.
kTCCServiceSensorKitFacialMetrics
Allows access to facial metrics data.
kTCCServiceSensorKitForegroundAppCategory
Grants access to foreground app category data.
kTCCServiceSensorKitHistoricalCardioMetrics
Allows access to historical cardio metrics.
kTCCServiceSensorKitHistoricalMobilityMetrics
Grants access to historical mobility metrics.
kTCCServiceSensorKitKeyboardMetrics
Provides access to keyboard metrics.
kTCCServiceSensorKitLocationMetrics
Allows access to location metrics data.
kTCCServiceSensorKitMessageUsage
Grants access to message usage data.
kTCCServiceSensorKitMotion
Provides access to motion sensor data.
kTCCServiceSensorKitMotionHeartRate
Grants access to heart rate metrics via motion sensors.
kTCCServiceSensorKitOdometer
Allows access to odometer data.
kTCCServiceSensorKitPedometer
Grants access to pedometer data.
kTCCServiceSensorKitPhoneUsage
Provides access to phone usage data.
kTCCServiceSensorKitSoundDetection
Allows access to sound detection services.
kTCCServiceSensorKitSpeechMetrics
Grants access to speech metrics.
kTCCServiceSensorKitStrideCalibration
Allows stride calibration via sensors.
kTCCServiceSensorKitWatchAmbientLightSensor
Provides access to watch’s ambient light sensor data.
kTCCServiceSensorKitWatchFallStats
Grants access to fall statistics via the watch.
kTCCServiceSensorKitWatchForegroundAppCategory
Allows access to the foreground app category on watch.
kTCCServiceSensorKitWatchHeartRate
Grants access to heart rate metrics via the watch.
kTCCServiceSensorKitWatchMotion
Provides access to watch motion sensor data.
kTCCServiceSensorKitWatchOnWristState
Allows access to the on-wrist state of the watch.
kTCCServiceSensorKitWatchPedometer
Grants access to watch pedometer data.
kTCCServiceSensorKitWatchSpeechMetrics
Provides access to speech metrics via the watch.
kTCCServiceSensorKitWristTemperature
Allows access to wrist temperature sensor data.
kTCCServiceShareKit
Grants access to ShareKit services for content sharing.
kTCCServiceSinaWeibo
Provides integration with Sina Weibo services.
kTCCServiceSiri
Grants access to Siri-related services.
kTCCServiceSpeechRecognition
Allows access to speech recognition features.
kTCCServiceSystemPolicyAllFiles
Grants access to all system files.
kTCCServiceSystemPolicyAppBundles
Allows access to application bundles.
kTCCServiceSystemPolicyAppData
Grants access to app-specific data.
kTCCServiceSystemPolicyDesktopFolder
Allows access to the desktop folder.
kTCCServiceSystemPolicyDeveloperFiles
Grants access to developer-related files.
kTCCServiceSystemPolicyDocumentsFolder
Allows access to the documents folder.
kTCCServiceSystemPolicyDownloadsFolder
Provides access to the downloads folder.
kTCCServiceSystemPolicyNetworkVolumes
Grants access to network volumes.
kTCCServiceSystemPolicyRemovableVolumes
Allows access to removable volumes.
kTCCServiceSystemPolicySysAdminFiles
Grants access to system administration files.
kTCCServiceTencentWeibo
Provides integration with Tencent Weibo services.
kTCCServiceTwitter
Allows integration with Twitter services.
kTCCServiceUbiquity
Grants access to iCloud ubiquity services.
kTCCServiceUserAvailability
Allows access to user availability information.
kTCCServiceUserTracking
Provides access to user tracking services.
kTCCServiceVirtualMachineNetworking
Grants access to virtual machine networking services.
kTCCServiceVoiceBanking
Allows access to voice banking services.
kTCCServiceWebBrowserPublicKeyCredential
Grants access to public key credentials for web browsers.
kTCCServiceWebKitIntelligentTrackingPrevention
Provides WebKit intelligent tracking prevention services.
kTCCServiceWillow
Internal service identifier related to Willow feature.

* Check the complete list on Github.

Fetching the Latest TCC Service List

Apple can change TCC services without any notice. You can follow below guidelines to fetch the latest list of TCC services on your system.

					```bash
cd /System/Library/PrivateFrameworks/TCC.framework/Support
strings tccd | grep -iEo "^kTCCService.*" | sort
```
				
Practical Uses of TCC Services

TCC services are used in a variety of scenarios:

  • Developers: Need to understand how their apps will request permissions for certain functionalities, such as accessing the camera for a video-calling app.
  • Security-conscious users: May want to ensure that no apps have been granted unnecessary access to sensitive data, like their contacts or messages.
  • Everyday macOS users: Should familiarize themselves with how to control app permissions to maintain their privacy, especially when downloading new apps.
Final Thoughts

The TCC framework plays a crucial role in keeping MacOS users safe by providing transparency and control over the data and services apps can access. As a user, understanding these services and how to manage them is essential to ensuring your privacy.

Remember that the list of TCC services may change over time as MacOS evolves, and new services are introduced. If you’re using a version of MacOS newer than Sequoia 15.0, you can check for updated services by querying the TCC database to ensure you have the latest permissions and settings. And while most services have been confirmed, not all of them are manually verified, so if you encounter any discrepancies, it’s a good idea to report them.

Taking the time to manage TCC permissions will give you peace of mind and help protect your personal information on your Mac Operating System.

Export All URLs – Efficient URL Management for WordPress

Export All URLs

Managing a WordPress website can be a daunting task, especially when it comes to handling and organizing URLs. Whether you’re a seasoned webmaster or a beginner, the Export All URLs plugin for WordPress is an essential tool that simplifies URL management, enhances SEO efforts, and ensures a seamless content migration process. In this article, we’ll explore the key features, benefits, and practical applications of the Export All URLs plugin, and how it can make your WordPress website management quick and simple.

Key Features

The Export All URLs plugin offers a range of features designed to make URL management straightforward and efficient. One of the standout features is its ability to extract URLs from various parts of your WordPress site, including posts, pages, and custom post types. This approach ensures that no URL is left behind, providing a complete list for your needs.

Customization is another major advantage of the Export All URLs plugin. You can tailor the export process to suit your specific requirements by selecting particular post types, filtering by categories and tags, and including additional metadata such as post titles, IDs, and statuses. This level of customization makes it an invaluable tool for SEO professionals who need detailed URL data for analysis, seo, security and optimization.

Simplifying SEO and Content Migration

One of the primary uses of the Export All URLs plugin is to enhance your site’s SEO. By providing a complete list of your site’s URLs, you can easily identify and optimize your URL structure, ensuring better search engine rankings. The ability to export URLs in CSV and TXT formats allows for easy integration with SEO tools and software, facilitating a more efficient optimization process.

The content migration is another area where the Export All URLs plugin shines. When moving content from one site to another, having a complete list of URLs ensures that all links are accounted for, reducing the risk of broken links and maintaining the integrity of your site’s structure. This feature is particularly useful for web developers and content managers overseeing large-scale migrations.

Backup and Security

Creating backups of your site’s URLs is crucial for maintaining site security and integrity. The Export All URLs plugin allows you to generate a comprehensive backup of all URLs, ensuring you have a safety net in case of data loss or site changes. This feature provides peace of mind, knowing that you have a reliable record of all your site’s links.

Easy Installation and Compatibility
Installing and using the Export All URLs plugin is fairly straight forward task, as proven by over few dozens of reviews. Simply navigate to the WordPress plugin repository, search for “Export All URLs,” and click install. Once activated, the plugin integrates seamlessly with your WordPress dashboard, providing a simple and intuitive interface for managing URL exports. The plugin is designed to be compatible with almost all WordPress themes and plugins, and regular testing & updates ensure any discovered issue is fixed at priority.
Conclusion

In conclusion, the Export All URLs plugin is an indispensable tool for any WordPress user looking to streamline URL management, enhance SEO efforts, and ensure smooth content migration. Its features, ease of use, and robust customization options make it a must-have for webmasters, SEO professionals, and content managers alike.

By integrating the Export All URLs plugin into your WordPress toolkit, you can take control of your site’s URLs, optimize your SEO strategy, and safeguard your content. Don’t let URL management become a daunting task, simplify it with the Export All URLs plugin and enjoy a more organized and efficient WordPress experience.

Changelog
4.7.1
  • Compatibility – test with WordPress 6.7-alpha-58656
4.7
  • Added – support for the translation
  • Compatibility – tested with WordPress 6.4
  • Improvement – better organization and several code refinements
4.6
  • Fixed – reflected cross-site scripting vulnerability
  • Compatibility – tested with WordPress 6.2.2
4.5
  • New – additional export fields added (tags, author, published, and modified date)
  • New – option to retain selected options (no reset to default upon exporting)
  • Improvement – backend code refinement
  • Compatibility – minor adjustments for PHP 8.1 compatibility
  • Compatibility – tested with WordPress 6.2
4.4
  • Added – additional verification for file removal to patch a security issue
  • Compatibility – tested with wordpress 6.0.1
4.3
  • Added – overall security and stability improvements
  • Compatibility – tested with wordpress 5.9.2
4.2
  • Fixed – patched a security vulnerability
  • Removed – file path customization option
  • Compatibility – tested with wordpress 5.9.1 & PHP 8.1
4.1
  • Added – option to remove woo commerce extra attributes from categories
  • Tweak – bit of formatting adjustments
  • Added – some default settings
  • Compatibility – tested with wordpress 5.4.2
4.0
  • Added – export post IDs
  • Added – exclude domain URL
  • Added – complete support of custom post type categories
  • Tweak – small dashboard design improvements
  • Added – enables user to delete the file once downloaded
  • Compatibility – wordpress 5.4 and php 7.3
  • Tweak – migrated under tools options, instead of settings
  • Added – displays total number of links
  • Added – new easy ways to report problem or bug
  • Fixed – conflict with “Security Header” & “Elementor” plugin
  • Fixed – typo on settings page
  • Added – extra verification checks
3.6
  • Added – filter data by date range
  • Tweak – some general activation improvements
  • Compatibility – tested with 5.1.1
3.5
  • Added – allow users to customize file path and file name
  • Fixed – grammatical mistake
  • Compatibility – tested with 4.9.7
3.0
  • Added – filter data by author
  • Added – specify post range for extraction
  • Added – generates random file name
  • Compatibility – tested with 4.9.2
2.6
  • Fixed – variable initialization errors
  • Compatibility – tested with 4.9
2.5
  • Added – support for selecting post status
  • Compatibility – tested with 4.7.5
2.4
  • Fixed – fatal error bug fixed
  • Compatibility – tested with wordpress 4.7.2
2.3
  • Fixed – categories export, (only first category was exporting)
  • Compatibility – tested with wordpress 4.7
2.2
  • Added – support for wordpress 4.6.1
2.1
  • Fixed – special character exporting for Polish Language
2.0
  • Added – support for exporting title and categories
1.0
  • initial release