Automatic brute-force protection
HearthGate can watch failed SSH attempts and temporarily block noisy source IPs before they keep hammering the Mac.
HearthGate 1.3 is live
Smarter network defense, dynamic DNS keys, and session limits that keep working.
Version 1.3 makes secure Mac remote access easier to operate in the real world: changing home IPs, bot scans, temporary contractors, and multi-Mac policy restore are handled with less manual cleanup.
Dynamic DNS key scopes
Bind a key to a hostname instead of a fixed public IP, so home and studio connections survive ISP address changes.
Limits keep working mid-session
Expiration dates and time windows are no longer only checked at login. If the allowed window closes, the session can close too.
Full policy backup and restore
A password-protected HearthGate backup can carry network security, key limits, disabled keys, and policy state to another Mac.
Network Security
Fewer open doors, more visible decisions.
HearthGate 1.3 adds a practical network-defense layer around the Mac-side SSH entry path. It does not pretend your Mac is a full SIEM; it gives you focused controls for remote access.
Automatic response
Brute-force protection
Set the failed-login threshold, time window, and block duration. When an IP crosses the line, HearthGate can block it and record the event.
Operator control
Manual IP blocklist
Block known-bad IPs or CIDR ranges yourself, with temporary or persistent entries and guardrails that help prevent blocking your own Mac by accident.
Visible decisions
System events log
Auto-blocks, releases, manual blocks, brute-force setting changes, hook runs, exports, imports, and key-policy events can be reviewed in one place.
Operational examples
What changed in practice?
These are the kinds of everyday remote-access problems HearthGate 1.3 is designed to absorb.
Use case
A home IP changes overnight
Your router gets a new public IP, but your DDNS hostname updates. A hostname-scoped key still matches the intended path, so you are not locked out by an ordinary ISP change.
Use case
A contractor reaches the end of the window
The key was allowed until Friday at 18:00. If the session is still open after that, HearthGate can close it instead of waiting for a reconnect.
Use case
A bot keeps guessing at SSH
After repeated failed attempts, HearthGate blocks the source for the configured duration and leaves a system event you can review later.
Backup and polish
Policy moves with the Mac, not with your memory.
The password-protected .hgex backup format carries more of HearthGate security state: key limits, disabled keys, network-security settings, manual blocks, and policy data.
Release notes at a glance
- System Controls opens more reliably when a VNC session is already active at app launch.
- Temporary IP-block countdowns stay visible and easier to follow.
- Revoked key metadata is cleaned up, so re-adding a key starts from a clean policy state.
- Network Security rows and setup controls received visual alignment polish.
HearthGate 1.3