Read Only Mode – Telchar HiveLock

Read Only Mode – Telchar HiveLock freezes an already working site by restricting persistent WordPress actions while keeping the site online, browsable, and accessible to administrators.

While freeze mode is enabled:

• Frontend browsing continues to work.
• Administrators can still log in. All users can still log out.
• Administrators can still access the dashboard.
• Administrators can return to the plugin page and disable the freeze.
• Standard WordPress-level persistent changes are blocked.

This plugin is designed for already-finished sites that should stay online and readable without allowing routine changes, uploads, updates, or content edits until an administrator intentionally unfreezes the site again.

It is not a maintenance mode plugin. Its purpose is to harden finished sites by reducing their WordPress-level attack surface and blocking persistent changes through standard WordPress write routes.

Blocked surfaces include:

• post, page, attachment, and custom post type writes
• taxonomy changes
• comment creation and standard moderation changes
• option and settings updates
• user creation, deletion, and password reset flows
• media uploads
• plugin, theme, and core file modification flows handled through WordPress
• REST write requests across all namespaces, including third-party plugin routes
• admin AJAX restricted to a narrow allowlist of safe core read actions, while taxonomy creation requests return a visible error
• XML-RPC publishing and pingback-style mutation routes

This plugin aims to provide a practical WordPress-level freeze mode. It does not claim to provide absolute immutability, server-level filesystem protection, or protection against every possible vulnerability or every custom plugin write path.