<This is the first of a three part series on how to lock your Apple products for porn filtering purposes. This particular post is about how to configure your physical machine and operating system (OS).>

The Need & Solution

As a long-time power user with a former professional career in IT (roles ranging from support to engineering to management), I have spent years testing and developing solutions to create an optimal environment to secure against unbridled access to the internet.  The newer variable of smartphones made things even more complicated, as the solution had to be expanded to include coverage for both.  For example, machines running Microsoft Windows can be secured, however the Windows phone OS cannot be secured.  My experiences have yielded the Mac + iOS device (iPhone, iPad, iPod) combination as the optimum, if not only, solution.  The below is the first of a three part series on how to configure this combination. 

Configuring your Mac

I do not use the Parental Controls features built-in to Mac OS X, as I have found them to be insufficient and unfortunately problematic.  Instead, I have developed the following solution for creating a secure, yet fully-functional, operating environment.  There are four key components to securing your Mac in regards to limiting access to web content:

First, set a firmware password. Click here for detailed steps on how to do this. 

Second, create properly leveled user accounts. There needs to be a minimum of two user accounts; a STANDARD account for the primary user, and an ADMIN account for the accountability partner. Also make sure the guest user is disabled.  Click here for detailed steps regarding configuring user accounts. 

Note that the above steps are basically the same for the latest versions of OS X (Mavericks, Yosemite, El Capitan), however the options are slightly different for Mountain Lion. 

Third, disable "Find My Mac". Goto System Preferences -> iCloud and then scroll towards the bottom of the list and make sure "Find My Mac" is NOT selected.

Fourth, Install and configure K9 Web Protection. This is a somewhat detailed process, so I have created a separate blog post for it. 

Fifth (optional):  If you are using a VM software (if you don’t know what this means then you probably don't have to worry about it), then you need to make changes there too. For example, using Parallels Desktop go to Preferences -> Security and select "Require a Password" to all options listed . Make sure the padlock is closed when you are done.  Additionally, if you are using a VM, make sure the network configuration is set to “Shared” with the host OS. This eliminates the need to separately install K9 on the VM.

A few important things to note:

There are two basic options here. Option A is to have the administrator enter their password whenever required. 

TIP:  If you only have time-limited access to your accountability partner, it may be helpful to create a To-Do list in order to make sure you get it all done at once. "I need to update my Adobe Flash Player, install Microsoft Office, and make multiple adjustments to my K9. Can you come over and stay for about 30 mins to help with this?"

Option B is to temporarily adjust the primary user's account level from Standard to Administrator.  To do this, click on the padlock icon at the bottom of the Users & Groups widow (in System Preferences), and enter the accountability partners name and password in order to unlock this section. Then select primary the user account and check “Allow user to administer this computer”. When you are done making changes, the accountability partner will need to login and restore the users Standard mode by reversing the above steps.  Honesty and discipline is required here.

TIP:  I’ve found that it's often required to click the box twice in order to deactivate the “Allow user to administer this computer” checkbox. Also, once done, make sure the padlock icon at the bottom of the page is locked. 

Technology is ever changing and advancing. As such, this solution is an iterative process, and there will periodically be new updates to install, configurations to make, printers to add, etc. So be aware that this will create occasional inconveniences. For example, as previously mentioned, an administrator password is required for many system level changes, some seemingly minor and unrelated to the present goals such as Energy Saver or Printers & Scanners. Don’t allow this inconvenience to be an excuse to avoid the entire solution.  If you are considering this solution, it is likely because you have determined that you need help creating a barrier between yourself and unending, mind-numbing, adult content on the internet. Do it and stick with it!