This repository was archived by the owner on Apr 4, 2026. It is now read-only.
Security Feature request: optional write protection for the Modbus TCP server #324
Description
Hi,
I noticed that OpenPLC's Modbus TCP server currently accepts write function codes such as FC05, FC06, FC15, and FC16 from any client that can reach the Modbus TCP port.
Since these function codes can directly modify coils and registers, it may be valuable to support optional write protection features for deployments where Modbus is not confined to a fully trusted control network. Examples include:
- a read-only Modbus/TCP mode
- the ability to disable specific write function codes (for example FC05/FC06/FC15/FC16)
These options could be added without changing the current default behavior. If this sounds useful, I’d be happy to help sketch a small proposal or PR.
Thanks.