Is it possible to make a WordPress deployment read-only? For a website that won’t be updated, I’d like to make it read-only/static, so the archive is there but nobody can post, so I don’t have to deal with breaches and updates?
Assuming you have shell access, or access to any Linux/Unix box, you could use
wget to download the entire site to static html files:
wget --recursive --no-clobber --page-requisites --html-extension --domains domain.com http://domain.com
Then either upload or move these files to your web root (after backing up and removing your WP installation).
I imagine it’s also possible to do this via some sort of proxy/cache setup, but I can’t comment on the relative security of such an approach with any certainty.