What this plugin actually does

Network Rate Limiter watches a few high-risk WordPress endpoints and slows or blocks abusive clients per IP. It’s designed for multisite networks, but it works on single sites too. The idea is clamp down on bad traffic while allowing legitimate users to access the site without interruption. It's not sophisticated, for rotating IP spam but really stops a lot of the agent based behavior that can cause issues. This is more of an issue thanks to AI.

• Protected endpoints: /wp-login.php, /xmlrpc.php, /wp-admin/admin-ajax.php, and anything under /wp-json/.
• Safe by default: logged-in admins, WP-Cron, Site Health, and HTTP OPTIONS/HEAD requests are skipped.
• Time-aware: you choose a “daytime” window with stricter limits; outside of it, limits relax automatically.
• Progressive: repeat violators get longer blocks (exponential backoff) that decay after a probation period.
• Multisite-friendly: network-wide defaults with per-site overrides.

How rate limiting is counted (no hand-waving)

Instead of a brittle “one counter per minute,” the plugin uses a two-bucket approximation of a sliding window:

1. One bucket counts requests in the current minute.
2. Another holds the previous minute’s count.
3. The final score is current + a time-weighted slice of the previous bucket (the part that still overlaps the last 60s).

Result: spikes right after a reset still count, and legitimate traffic isn’t penalized by harsh window edges. This keeps easy interval detection at bay from a bot's perspective.

What triggers a block

• Per-endpoint thresholds: each endpoint/method has a soft and hard limit per minute. At night, thresholds double.
• Soft limit: returns 429 and starts exponential backoff for that IP.
• Hard limit: immediate block (longer backoff).
• Global clamp: if an IP is hammering any mix of protected endpoints overall, it’s blocked even if no single endpoint trips.

Backoff math: blocks start short (e.g., 2 minutes) and double on each violation, up to a max (e.g., 60 minutes). The “violation score” auto-expires after your configured probation window, so well-behaved IPs cool off. I imagine people will fork this and change this behavior on their own.

Legit traffic stays legit

• Verified search engines: Google/Bing are allowed only if both checks pass:
  1. User-Agent hints it’s the right bot (e.g., Googlebot, bingbot), and
  2. Reverse DNS ends with an expected domain (.googlebot.com, .search.msn.com) and forward DNS resolves back to the same IP.
  Cached per site and per IP for up to 7 days (subject to transient eviction). UA must still match on each request.
• Allowlists you control:
  • IP or CIDR (IPv4/IPv6)
  • Reverse-DNS suffixes with forward confirmation
  • User-Agent substrings (use with care; UAs are spoofable)
  • Specific REST prefixes (under /wp-json/)
  • Specific admin-ajax actions (e.g., heartbeat)
• Secret header bypass: give your monitors a header like X-NetRL-Bypass: your-long-random-token and they’ll skip the limiter.

It comes prepopulated with commonly "good" bots whitelisted, like Google, Bing, various SEO tools and so on.

What clients see (headers)

Every protected response includes standard rate-limit hints:

• X-RateLimit-Limit – the current hard limit
• X-RateLimit-Remaining – how many requests are left in the window
• X-RateLimit-Window – window duration in seconds (60)
• On block: Retry-After and X-RateLimit-Reset (epoch timestamp)

Multisite behavior

• Network Defaults: set once in Network Admin; good baseline for all sites.
• Per-site Settings: each site can override (or inherit where left blank).
• Per-IP scope: counters and blocks are tracked per site; the “global clamp” is per IP within a site’s protected endpoints.

Operational notes

Nerd stuff, you can skip this unless you really care.

• Atomic counters with object cache: Redis/Memcached make increments race-safe. Without them, the plugin falls back to transients (fine for “soft” protection).
• Logging: optional JSON lines go to the PHP error log (blocks, and optionally bypasses) and a netrl_log_event action fires for shipping to APM/log pipelines.
• Timezones: daytime hours use the site’s timezone. If none is set, it defaults to America/Los_Angeles.
• Security of client IP: the plugin prefers CF-Connecting-IP, X-Real-IP, then X-Forwarded-For (left-most public), then REMOTE_ADDR. Ensure your proxy/CDN is trusted before honoring headers.

Why this approach?

There are a zillion ways to do rate limiting. This plugin aims for a practical balance of effectiveness, simplicity, and low friction for legitimate users. It’s not perfect, but it works well in practice and stopped an outage that seemed to be occuring weekly. While our AppDex scores are still terrible, they're remarkably less terrible.

• Resilient under bursts: the two-bucket window smooths edge cases without heavy math.
• Fair to humans and APIs: daytime/night profiles match your traffic patterns.
• Practical ops: easy allowlists, real bot verification, headers for observability, and simple logs/hooks.
• Safe defaults, sane overrides: works out-of-the-box; tune it as you learn your traffic.

Adblockers: I assume a majority of my audience uses them, such as Ublock Origin, 1blocker, Ghostery, and so on. The problem is that these require browser extensions, but how will I block ads on my Sony TV or make sure my Hue lights aren't spying on me?

Well, we have an answer: Pi-hole. As the name implies, Pi-hole is a web utility originally designed to run on a Raspberry Pi, although we can run it almost anywhere. I'll cover first on a Mac and then a few other devices, and it's really set up. Like, we are talking about 5 minutes.

Pi-hole blocks pesky advertisements and data harvesting by replacing your domain name server with your own self-hosted option that intercepts DNS requests before passing them to another DNS server. To break that down into plain speak, when you type in "YouTube.com," a domain name server functions like a phone book for every name and returns a number, something I now realize my younger audience probably hasn't ever seen before... I think I have a better analogy: it's like a digital map. Ask it where Jacksonville, Oregon is, and it returns coordinates as a long and lat from a database of all the cities in the world. The same thing happens with a DNS. It contains a list of all the IPs associated with every domain name worldwide.

Pi-hole maintains lists of known hosts for advertisements. If a request asks for a domain on the blocklist, it returns a null or fake address, thus preventing an advertisement or tracking script from loading.

This approach is awesome because it's platform agnostic. It requires manually configuring your devices or home network to use the Pihole instead of a regular DNS.

Pi-hole has a nice, easy-to-use interface that is also easy to adjust so you can whitelist potential sites.

The Tutorial

I have a MacBook 2017, and like all Intel Macs, it'll soon be unable to run modern macOS, even with OpenCore. The MacBook 2017 is an oddball model. I love this machine, but it's pretty underpowered, so there's not really a huge use case for it. It has one thing that makes it exceptionally attractive: a power draw. This guy can only draw 29w max but generally draws more than 10w even with the display on. Plus, its CPU is positively monstrous compared to the CPUs found in Raspberry Pis.

If you don't have an old Mac, I suggest getting a Raspberry Pi Zero 2 W as they're under $25, and the official Raspbery Pi website has an excellent tutorial/

Step 1: We need docker. Grab it from the official site Docker is a utility that lets you run containers and think of micro virtual machines. Download it and install it. Docker has Linux and Windows versions as well and I'll touch on the Linux using two different NAS systems.

Step 2: Run the following command below, also on github gist and embedded at the bottom.

docker run -d --name pihole \
 -e TZ=America/Los_Angeles \
 -e FTLCONF_webserver_api_password=MakeSureYouChangeThis \
 -e FTLCONF_dns_upstreams='1.1.1.1;1.0.0.1' \
 -e FTLCONF_dns_listeningMode=all \
 -p 80:80 -p 53:53/tcp -p 53:53/udp -p 443:443 \
 -v ~/pihole/:/etc/pihole/ \
 --dns=127.0.0.1 --dns=1.1.1.1 \
 --cap-add=NET_ADMIN \
 --restart=unless-stopped \
 pihole/pihole:latest
  

What each Docker setting does:

• -d - Runs the container in detached mode (in the background)
• --name pihole - Names the container "pihole" for easy reference
• -e TZ=America/Los_Angeles - Sets the timezone. Other examples: America/New_York, Europe/London, Asia/Tokyo, Australia/Sydney. Find your timezone on Wikipedia's TZ database list
• -e FTLCONF_webserver_api_password=MakeSureYouChangeThis - Sets the admin password for the web interface (change this!)
• -e FTLCONF_dns_upstreams='1.1.1.1;1.0.0.1' - Sets upstream DNS servers (Cloudflare in this case)
• -e FTLCONF_dns_listeningMode=all - Allows Pi-hole to listen on all network interfaces
• -p 80:80 -p 53:53/tcp -p 53:53/udp -p 443:443 - Maps ports from host to container (web interface on 80/443, DNS on 53)
• -v ~/pihole/:/etc/pihole/ - Mounts a local directory to store Pi-hole configuration and data
• --dns=127.0.0.1 --dns=1.1.1.1 - Sets DNS servers for the container itself
• --cap-add=NET_ADMIN - Gives the container network administration capabilities
• --restart=unless-stopped - Automatically restarts the container unless manually stopped
• pihole/pihole:latest - The Docker image to use (Pi-hole's official image)

This will go fast, as this project is very lean.

Step 3: Go to http://127.0.0.1/ and use the password to confirm it's working. We can also see our application in the Docker.

Step 4: On your Mac, change your DNS to 127.0.0.1.

This is done in the system settings, see Apple's documentation as it covers how to, from High Sierra to current.

Step 5: Get your Mac's local IP. Select your network, and then click on details. Click TCP/IP and make a note of your IP address. This is your Mac's IP address. Alternatively you can grab it via the terminal, for most Macs this will be the wifi interface, ipconfig getifaddr en0 however if you have wired internet and wifi, your internet connection could be different. Use ifconfig | grep "inet " | grep -v 127.0.0.1 and make note of the inet addresses.

You can assign this as your DNS server to any device on your internal network, be it a Roku, Smart appliance, or another computer. However, you can set the DNS server to your Mac's IP address if you have a router. This way, all devices on your network will use the Pi-hole as their DNS server.

From my router, I can configure my DNS to use the PiHole. Just point the DNS setting to the Mac. Now, if you're on DHCP, which almost everyone is, your router likely has a setting to reserve an IP for a device. DHCP leases out IPs so they can change. That means a computer might one day be 192.168.10.105 and, after reconnecting or a router reboot, assigned a different IP, 192.168.10.124. If your DNS is set to the old address, this would be a problem, as you wouldn't have a DNS server until it was manually changed. Reserving an IP prevents a device from ever getting a different IP on the local network.

By pointing your home network at your Mac’s Pi-hole, you’ll enjoy ad-free browsing on any device. Go ahead—reserve that Mac’s IP in your router, and reclaim your bandwidth today.

You don't need a Mac

Pi-hole can be run almost anywhere due to it's lightweight nature, and being designed for a Raspberry Pi. This means you can set it up on any Linux machine, Windows, NAS or even in a virtual machine on your existing hardware.

For example, if you have a Synology or Ugreen NAS, you can run Pi-hole in Docker. The process is similar to the Mac setup, but you'll need to use the Synology Docker interface to create and manage your containers.

Instead of using the docker command, you'll want to create a container using a docker-compose file. This is a YAML file that defines the services, networks, and volumes for your application. Here's an example of a docker-compose file for Pi-hole:

version: '3.8'

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      # DNS Ports (using alternative ports to avoid conflicts)
      - "1053:53/tcp"
      - "1053:53/udp"
      # HTTP Port (using alternative port to avoid DSM conflict)
      - "8080:80/tcp"
      # HTTPS Port (using alternative port to avoid DSM conflict)
      - "8443:443/tcp"
    environment:
      # Timezone 
      TZ: 'America/Los_Angeles'
      # Web interface password from your original command
      FTLCONF_webserver_api_password: 'MakeSureYouChangeThis'
      # DNS upstreams (DNS servers you'd like to use)
      FTLCONF_dns_upstreams: '1.1.1.1;1.0.0.1'
      # DNS listening mode
      FTLCONF_dns_listeningMode: 'all'
    volumes:
      # Volume mapping - using full NAS path
      - '/volume1/docker/pihole:/etc/pihole'
    dns:
      # DNS settings from your original command
      - 127.0.0.1
      - 1.1.1.1
    cap_add:
      # Capabilities for network administration
      - NET_ADMIN
    restart: unless-stopped
  

This is a basic example, and you may need to adjust the configuration based on your specific setup and requirements. Once you have your docker-compose file ready, you can use the Docker interface on your NAS to deploy the Pi-hole container. As a pro-tip, AI is excellent for interpreting and diagnosing issues, bew it Claude, ChatGPT, or Gemini.

GitHub Gist versions

For personal record, I like to keep a running log of what few updates I do under-the-hood with this site on the rare chance someone actually is a regular reader. This time I added JSON-LD and limited the index pages now to 15 posts as I have a habit of writing VERY long blog posts that can be extremely brutal on the homepage.

removing jQuery, stupid spam bot solution, complianing about AI, adding dark mode, or general changes

Introduction: The Cable Challenge

About six months ago, LTT (Linus Tech Tips) generously sent me their Magnetic Cable Management system (MCM), but I've been avoiding the inevitable pain of reorganizing my entire setup.

Let's be honest - if you're anything like me, organization isn't our strongest point. So today I'm putting the LTT magnetic cable management system to the test on my mess of cables.

The Setup Challenge

My setup isn't extreme, but it's definitely complex. Here's what needs cable management:

• Five computer speakers
• Home theater receiver
• Two displays
• Three MIDI controllers
• Two audio interfaces
• Five external drives
• USB hubs and various devices
• Ethernet connections
• Power banks
• Hue Lights
• And many more components...

The centerpiece is a steel McDowell & Craig Tanker desk from the 1950s that belonged to my grandfather. While I'm not usually sentimental about objects, this desk does hold special meaning. The fact that it's steel works perfectly with the MCM's magnetic design, though I'll be testing the system on wood surfaces as well.

Product Overview: What's in the Box

The MCM system is straightforward but impressively engineered. Here's what LTT sent me:

The Arches

These come in four sizes, and I received the small, medium, and large. The magnets are surprisingly powerful - I can actually open my desk drawers just by attaching these magnetic arches.

Strength Test: The smallest arch can hold my Cloud Lifter preamp (11.3 oz/320g) with just one magnet. The larger arches could likely hold several pounds. They're so strong that prying them off a surface takes real effort - definitely a good feature.

Power Bar Keys

These might be the secret weapon of the entire system. Power bars/surge protectors typically come with screw mounting options, and these keys simply take advantage of what's already there. With a simple twisting motion, you can attach your power supply to any magnetic surface.

Mounting Plates

LTT also sent various mounting plates, which are essential if you want to attach the system to non-metal surfaces like wood. Each plate has an adhesive back (though I opted to bolt mine for extra security).

The Organization Process

My strategy was to:

1. Consolidate my mess by relocating my home theater receiver
2. Attach one power strip to the bottom of my IKEA stand
3. Organize cables using only what LTT provided

Step 1: Starting Fresh

To give my past self credit, I had made some attempts at organization with cable ties, but it was still a mess. Clearing my desk gave me the opportunity to vacuum and clean - keeping your space clean is just part of being a responsible adult.

Step 2: Tackling Ethernet

I started with my ethernet situation, tucking the cable between the bevel and garage floor lip, securing it with painter's tape for now (though I'll revisit this for a cleaner solution later).

Step 3: Power Management

Next came attaching the power bar keys to my surge protectors:

• My trusty 10-15 year old Belkin surge protector attached with a simple twist-and-slide motion
• My ancient (25+ year old) Surge Master with phone line protection (now apparently "rare" according to some optimistic eBay sellers)

I attached the larger surge protector to the back of my desk and the smaller one to the bottom of my IKEA furniture using the mounting plates. For the wood surface, I bolted the plate down rather than relying solely on the adhesive.

Step 4: Cable Routing

One cautionary note: these magnets can scratch metal surfaces! I tried using felt pads to prevent scratching, but they were too thick and reduced the magnetic strength significantly. A product suggestion for LTT would be integrating silicone grips directly into the arches.

The Results

I kept my goals realistic, knowing I'd never be able to hide all cables in a setup this complex. When viewed from most angles, the cable mess is considerably reduced. I prioritized functionality over perfect presentation since this setup serves as both my work-from-home station and my creative outlet for YouTube and music.

One area that turned out particularly well was my Power Mac G4 setup, which is located several feet away from my other electronics. It was already fairly organized, but the MCM made it even better.

Final Verdict

LTT drove a money truck to my house for this review, I'm genuinely impressed with the MCM system. (No, they didn't pay me anything.

Yes, it's somewhat expensive, but I'll be buying more components with my own money for future projects. It's simply the best cable management system I've found so far.

If you're on a budget, start with the power bar keys - they're likely to be the most impactful first step in organizing your setup. Then you can gradually add more components as your budget allows.

So... the retro computing bug just got you, and you had to get that iBook; maybe it was an iMac G3, a sleek PowerBook G4 12" or PowerMac G5? In any case, this is a guide for you to make the most out of your new-but-old computer.

Upgrades!... Okay, now what?

There are too many models and upgrades to cover, and finding information on the upgrades is actually the easy part; between LowEndMac, EveryMac, MacRumors Forums, archived XLR8yourMac articles and posts, ActionRetro, Mac1984, This Does Not Compute, and so on. Therefore, I'm going to pass on this or hardware recommendations. CPU upgrades for the old computers are non-existent, RAM can be maxed out, HDDs can be replaced with SSDs and video cards can be swapped. There's a joy to modular computing, and for some the hunt for rare CPU upgrades or flashing video cards is part of the joy. Even the less-modular Macs of the day are much more hackable than today's computers.

Therefore, this is a map of recommended software and hopefully an inspiration board to make use of your old hardware. PowerPC computers are too dated and power sipping to have practical value, seeing as a Raspberry Pi has more raw processing power than almost anything in the PowerPC sphere.

Modern Software

Believe it or not, there are still people developing retro software for old PowerPC Macs, including Discord, web browsers, and even Chat GPT, as who doesn't want to be gaslit even in the world of retro computing? The video contains a deeper breakdown of the software listed below.

• Discord Lite - A lightweight Discord client for PowerPC Macs
• Legacy AI - A modern AI for PowerPC Macs
• PPCAppStore - A app store for PowerPC Macs
• Newsstand - A news reader for PowerPC Macs, OS 9 only
• TigerBrew - A package manager for PowerPC Macs
• TenFourFox - A semi-modern web browser for PowerPC Macs
• InterWebPPC - A fork of TenFourFox
• AquaFox - fork of TenFourFox, incorporating tweaks from InterWebPPC and TenFourFoxPEP

There's always Linux...

Adelie Linux is a Linux distribution that supports PowerPC Macs and still being developed. Popular YouTubers like Action Retro have made videos demoing Adelie on PowerPC Macs, but you bought a Mac to be a Mac.

Okay.... but really, what now? Project ideas!

Gaming

Gaming is an obvious first stop for any retro computer enthusiast to experience games as they were. Apple used to be able to pull in major releases sans the time when Valve canceled the Half-Life port.

I've compiled a list of 100+ Games worth checking out on your PowerPC Mac. This list is not exhaustive, but it's a good starting point. I've tried to include a mix of genres and games. I've also tried to include games that are still fun to play today. It's a topic within itself.

Check out The best games for late PowerPC G4/G5 Macs - OS 9 and OS X (100+ games)

Music creation

This is one I'm particularly fond of, as there's a lot of quality retro software be it Logic, Ableton or Cubase for a DAW and oddball apps like Reason, plus a lot of plugins to boot. If you're a digital musician, you're able to make studio quality music on your Mac on the extreme cheap. USB midi is supported in OS X out of the box and it doesn't take a maxed out PowerMac G5 to be able to create quality tunes.

OS X supports low latency USB midi out of the box, and it's a compelling way to get into digital audio as you can score hardware cheaply, and the limitations can be a blessing. There are musicians (although dwindling) still using PowerPC Macs for audio, building multitrack Protools setups on the cheap. Unlike, say, video, where technology becomes a huge limiter, audio is much freer of restrictions (given you embrace freeze tracks, and RAM caps).

Reason 4.0 is intuitive, and also a great learning tool for understanding routing and wiring and for people who are new to digital audio and MIDI, it is a great "my first audio app" if you're looking to make music.

If you've never really messed with music creation, Reason is a brilliantly beautiful

Digital Photography Workflow

As of late, early digital photography has had a boom in popularity, partly for the aesthetics and partly for the art. A modern iPhone performs thousands of pre-baked calculations to tune, balance, color correct, and otherwise sweeten a photograph. Old digital cameras have radically less as they mostly take data from a CCD or CMOS and record it to a file. For some, this also means eschewing modern digital darkroom solutions for a more "pure" digital photography experience.

Programming / Scripting

Retro software development isn't easier than modern as the barrier for software creation has lowered drastically with the rise of various frameworks and open-source projects that can turn a full-stack web developer into an app developer. For the hardcore, you can take a crack at learning Objective-C or Carbon for classic Mac development.

Retro Web Development

Web development might not be the first thing on your mind with a retro computer, but being a much simpler time, much easier to understand. Creating a simple web page was a rite of passage in days past, before social media. If you're feeling particularly inclined, Set up a local web server and build sites with period-appropriate tools or Create a retro webpage or website using the limitation of the early 2000s with CSS 1.0 / Javascript ES3, and embrace Create websites using Dreamweaver MX or GoLive.

Retrocomputing Documentation and communities

A bit of ironic self-awareness for this suggestion. One of the big draws is to map out what's feasible and possible. There's an entire world of YouTube, blogs, forums, and Reddit groups dedicated to the pursuits of retro computing that even result in expos.

Vintage Software

There's a lot of classic software that's worth checking out. I've compiled a list of some of the best software for PowerPC Macs. This list is not exhaustive, but it's a good starting point. I've tried to include a mix of genres and software. I've also tried to include software that is still useful today.

Games

There's so much to cover in Mac gaming (no really, I'm serious) that it demands an entire article of it's own: The best games for late PowerPC G4/G5 Macs - OS 9 and OS X (100+ games)

Audio

• Ableton Live 5 - Ableton still had some growing to do, but PowerPC Macs can enjoy Ableton.
• Apple Logic Pro 7 - Logic Pro 7 is a full-fledged DAW that's still very capable today. Entire albums were recorded on this. It, however, is a bit of a resource hog
• Audion - Audion was a popular MP3 player that was ahead of its time and offered the most amazing skins of any software. Beautiful, and still a masterclass in Mac software.
• Cubase LE 1.08/1.04 - Cubase is a powerful DAW that's still used today. The light version caps tracks to 48 audio tracks and 64 midi tracks.
• Propellerhead Recycle 2.0 - Recycle is a loop editor that allows you to slice up audio for use in other audio applications, allowing you to sample in a unique way. Recycle "REX" loops are still used to this day. It has a short learning curve.
• Propellerhead Reason 4 - It runs on relatively modest hardware very nicely and features a beautiful skeuomorphic design, allowing you to construct and wire virtual instrument racks. It's a blast and a good way to get into digital music. Highly recommended.
• Propellerhead Rebirth - ReBirth emulates two Roland TB-303 synthesizers, a Roland TR-808, and a Roland TR-909 drum machine, and paved the way to Reason.
• Sound Studio 3 - Sound Studio is a simple two-track audio editor that's still very capable today. It's fast, stupidly easy to use, and a good complement to any audio suite.

Audio Plugins

• Absynth 2.x - a granular synthesizer that allows you to create a wide variety of sounds.
• CamelPhatFree VST - a distortion and filter plugin that allows you to add warmth and character to your sounds.
• CamelCrusher VST/AU/RTAS - a distortion and filter plugin adds color to your sound.
• Native Instruments B4 - A Hammond B3 emulator
• Native Instruments Guitar Rig 2.2 - a guitar amp emulator that allows you to play guitar through your Mac
Native Instruments Kompakt v1.0 VSTi - sample library loader that supports a wide variety of sample formats</li>
• Native Instruments Massive 1.0.1 VSTi/AU/RTAS - a loved and powerful synth
• Novation Bass Station and V-Station VST/AU - a collection of classic synth emulations
• Ohmicide VST/AU/RTAS - multiband distortion plugin
• OhMyGod VST - a distortion plugin that allows you to add grit and character to your sounds
• TAL-BassLine-101 VST/AU - a classic analog bass synth emulation targeted for EDM, and useful for trap and acid.
• TAL-Elek7ro VST - a virtual analog synth..
• Native Instruments Reaktor Session One Carbon Futuremusic Edition VST/AU - a synth emulator that lets you build your own synths.
• Voxengo Freeware Audio Plugins PPC/x86 VST/AU - a collection of free audio plugins that includes a variety of EQ/effects.
• ZebraCM VST/AU - a powerful synth that allows you to create a wide variety of sounds.

Emulation / Virtualization

Emulation was very popular in OS 9 and OS X. Thus, a wide range of emulators were ported to OS X and OS 9. One of the most impressive is Virtual PC, although requires a beefier Mac as it emulates an x86 CPU. Virtual PC is surprisingly usable on late gen PowerPC G4s and G5s and will also make you thankful for modern virtualization software like Parallels. Connectix VGS is super impressive, as even iMac G3s can join in on PlayStation gaming with near flawless emulation for most titles. It's actually a viable way to play PSX games to this day. I highly recommend trying it out.

• Boycott - A Gameboy / GameBoy Color emulator for OS 9.
• Boycott Advance - A Gameboy Advance emulator for OS 8 - OS X.
• bsnes - A SNES emulator for OS X, only for the PowerMac G5.
• Connectix Virtual Game Station - Kicked off a major lawsuit by Sony which established emulators as legal, PlayStation games on your PowerPC Mac in OS 9.
• DGen and Dgen OS 9 - A later emulator for Sega Genesis / Megadrive games on your PowerPC Mac in OS X.
• GenEm - Play Sega Genesis / Megadrive games on your PowerPC Mac in OS 9.
• Genesis Plus - A Sega Genesis / MegaDrive emulator for OS 8 - OS X.
• Generator - A Sega Genesis / MegaDrive emulator for OS 8 - OS X.
• GrayBox - A NES emulator built for System 7 - OS 9.
• Handy - An Atari Lynx emulator for OS 8 and OS X.
• iNES - iNES is an NES emulator that allows you to play NES games on your PowerPC Mac in OS 9.
• KiGB - Gameboy emulator for OS 8 - OS X.
• Mini vMac - Mini vMac is a Mac Plus emulator that allows you to run classic Mac software on your PowerPC Mac.
• M1 multi-platform arcade music emulator - play music from videogame ROMS for OS 8 - OS X.
• MAME OS X - MAME is an arcade emulator that allows you to play arcade games on your PowerPC Mac in OS X.
• MasterGear - A Sega Master System / Game Gear emulator for OS 7 to OS 9.
• Mupen64 - A Nintendo 64 emulator for OS X, limited compatibility.
• NeoPocott - A Neo Geo Pocket Color emulator for OS 9 and OS X.
• Nestopia - A NES emulator for OS X.
• PCSX - The PowerPC version of the popular PlayStation emulator
• RockNes - OS 8 to OS X NES emulator
• SMSPlus - A Sega Master System / Game Gear emulator for OS 9 and OS X.
• Snes9x - A powerful SNES emulator that worked on relatively modest hardware.
• QuickNES - An NES emulator that works both on OS X and OS 9.
• Virtual PC 7 + Windows XP - Virtual PC is virtualization software that opened up the world of emulating Windows on a Mac.
• VisualBoyAdvance - A Gameboy Advance emulator for OS X.
• Blitter Library - visual enhancements for many popular OS 9 emulators
• Emulation Enhancer - visual enhancements for many popular OS X emulators

Graphic Design

We've both come a long way and are not terribly far in the world of graphic design software as Photoshop 9 is still more than capable today, even if it lacks some of the ML/AI features of upscaling, content-aware replacements, focus correction and so on. If you get good with Photoshop 9, you're basically ready-to-go on the current version of Photoshop CC.

• Adobe Creative Suite 1 & Adobe Creative Suite 2 - The suite were much smaller with Adobe Acrobat Professional, GoLive, Illustrator, ImageReady, InDesign, & Photoshop. Even today, Illustrator and Photoshop 9 remain capable as they feature HDR support, warping tools, and smart objects (still lacking from virtually all competitors). Photoshop 9 is a beast and, while intensive, is surprisingly nimble compared to its bloated modern versions. Most everything you'd ever need is in this version.
• Aperture - Apple's professional photo editing software that developed a small cult following.
• Cinema 4D R9 XL - Cinema 4D is a 3D modeling and animation software. It's robust for its time.
• Macromedia Studio MX - Macromedia Studio MX is a suite of software that includes Dreamweaver, Fireworks, Flash, and Freehand. This is mostly a nostalgia binge, but Freehand, in my opinion, was much easier to use the vector illustration app.

Productivity

It's unlikely you'll be using your PowerPC Mac for writing the next great American novel, but there are still a few productivity software packages you may want to experience.

• Microsoft Office 2004 - Yep. It's Microsoft Office, and that means Word, Excel, PowerPoint but also Virtual PC 7
• OmniGraffle - If you're after some 2000s-era diagramming and flowcharting in a native Mac-only experience, OmniGroup has you covered.

Utilities & Enhancements

OS X was infinitely more hackable than modern macOS due to less OS security. OS customizations were popular and varied. It's one of the more senseless and fun things to explore for early OS X.

• Diskwarrior 3.x - Absolutely a must. HFS+ is pretty awful and prone to a lot of errors. Diskwarrior saved my ass many a time back in the day and makes retro computing more enjoyable as it's able to fix the by far and away the most problems with disk corruption, and much better than Apple's own disk utility.
• Drag Thing - A dock alternative that predates OS X
• Drop Drawers - A lesser-known but useful utility that allowed for spring-loaded folders on any side of the screen and could house links, application aliases, text, etc
• FruitMenu - customize the Apple menu
• Kaleidoscope - An OS 9 theming application
• Onyx - Onyx is an OS X system maintenance tool that allows you to clean up your system, repair permissions, and optimize your system. It's a good way to keep your system running smoothly. Depending on the OS X version, lets you modify the dock appearance and default behaviors.
• Roxio Toast 6 Titanium - Toast is a CD/DVD burning software that allows you to burn CDs and DVDs and mount disk images. Highly recommended.
• OmniDiskSweeper- quickly find and delete large files.
• Shapeshifter - early OS X was wildly themeable, and Shapeshifter offered awesome theming capabilities. It only worked until 10.4 Tiger.
• QuickSilver - application launcher
• TinkerTool - exposes hidden system customization
• Window Shade X - Staple of OS 9, allowing for collapsible windows that made its way to OS X

Development & Programming

Many developers have fond memories of coding on PowerPC Macs, and some might want to relive that experience. Modern devs might want to take a swing at writing a new app with the challenges of retro software.

• Xcode - Apple's IDE for writing software for those looking to make retro software.
• BBEdit - Legendary text editor with PowerPC support.
• CodeWarrior 10 / Codewarrior 9 - Essential development environment for classic Mac
• FileMaker Pro 6 - Database software
• MacPerl/MacPython - Scripting languages for Mac

Networking & Internet

Less "fun" than more practical as FTPs are a surefire way to transfer software, especially to OS 9 computers.

• Fetch / Transmit / CyberDuck - FTP clients
• Colloquy - IRC client
• Eudora / Entourage / Outlook Express / Sunbird - Email clients
• NetNewsWire - RSS reader

Video and Media

PowerPC Macs were the go-to for video editing and media production, although they struggled during the High-definition transition as even the mightiest of G5s were somewhat ill-equipped for 1080p editing. If you have an old DV camera, they'll chew through 480i and 480p video.

• Final Cut Studio - Apple's professional video editing suite, including Final Cut Pro, DVD Studio Pro, Motion, Live Type, Compressor, Cinema Tools, and Soundtrack.
• iLife - iLife is a suite of software that includes iPhoto, iMovie, iDVD, and GarageBand that makes any Mac user a multimedia wizard.
• iMove HD - Who doesn't love editing 1080i video?
• VLC - The legendary open source media player

Not that I have regular readers, keeping with the tradition of announcing changes, like my stupid spam bot solution, complianing about AI, adding dark mode, or general changes, I finally removed jQuery. That's a 70k JS payload down to 7k. The only reason it existed was for FitVidJS, which I converted to vanilla JS.

Also, now my slogan changes with well over 100 phrases; some are a bit spicy... well, only if you're the sort of low-acuity person who still thinks Elon is cool. It's okay, I'm just a mean guy who doesn't use Twitter. My opinions don't count.

I'll probably look at integrating this blog into ActivityPub to continue supporting the open internet.

I know why you're here. It's because you want to connect to your local network via WWW, but Synology's guides aren't complete, and a bit out of date, right? I don't know why I'm asking, as you can't respond. Anyhow, let's get to it.

Step 1: Setting up the your Router

In your router, you'll need to set up port forwarding or "Virtual Server" or "NAT Settings":

• UDP port 500 (IKE)
• UDP port 1701 (L2TP)
• UDP port 4500 (IPSec NAT-Traversal)

These must be pointed to your Synology's internal IP address, like 192.168.x.x or 10.10.x.x. You also may need to unblock these in your Firewall.

Step 2: Setting up the VPN Server

If you haven't installed the VPN Server package from Synology on your NAS, you'll need to do this.

You have three main options for setting up a VPN, only two of which are real options: OpenVPN and L2TP over IPSec. The path of least resistance is L2TP over IPSec. You'll only need to configure the IP address, which should be in the same host range (the last two octlets). My network is 192.168.50.x. To avoid any IP conflicts, I just add +1, so my VPNed devices will be 192.168.51.x.

The second piece is the Pre-shared key. Assign this to whatever you'd like, but you will need this password.

Step 3: Setting up your Mac

Locate VPN in the system settings; in modern macOS, search "VPN," and it'll appear in the sidebar. Click add VPN configuration, and select L2TP over IPsec.

You'll need to configure the following:

• Display name: This can be anything
• Server address: This is your network's external IP. I couldn't get the quickconnect URL to work, but there is probably a way. The easiest way to determine your IP is to use a "What's my IP" search in a web browser when connected to the same network as your Synology.
• Account name: This must be a Synology user on your NAS. You can create an account just for VPN or use an existing account
• Password: This is your password for the Synology user.
• Shared Secret: This is the pre-shared key you set up in the Synology VPN server.

To test the connection, you'll need to use an external network; if you have an iPhone, a quick and easy way is to connect your Mac to your iPhone as a hotspot and test the VPN connection.

If you have issues connecting anything on your network, in your VPN configuration, click options and select "Send all traffic over VPN connection". This is a brute force method that'll do exactly what it says. Your Mac essentially exists on the same network as the rest of your devices.