Glossary
Quick-reference definitions for web security, DNS, CDN, and infrastructure terms.
Each term links to an in-depth article where one exists. Use the sidebar to jump to any letter.
Anycast
A network routing method where the same IP address is announced from multiple locations, directing traffic to the nearest or healthiest node.
Learn more →API
Application Programming Interface — a set of rules that lets software programs communicate with each other. NOC provides a REST API for managing CDN, WAF, and DNS.
Learn more →Application Layer Attack
A DDoS attack that targets Layer 7 (HTTP/HTTPS) to exhaust server resources by mimicking legitimate requests.
Learn more →Arbitrary Code Execution
A vulnerability that allows an attacker to run any code on a target system, often leading to full server compromise.
Learn more →Attack Surface
The total set of points where an attacker could try to enter or extract data from a system — ports, endpoints, services, and exposed software.
Learn more →Authentication
The process of verifying the identity of a user, device, or system before granting access to resources.
Learn more →Bandwidth
The maximum data transfer rate of a network connection, typically measured in Mbps or Gbps.
Learn more →Blacklist
A list of IPs, domains, or URLs flagged as malicious by security vendors or search engines. Blacklisted sites may be blocked or show warnings.
Learn more →Block Page
A web page displayed by a firewall or content filter when access to a resource is denied.
Learn more →Bot
An automated program that performs tasks on the internet — some legitimate (search crawlers) and some malicious (scrapers, DDoS bots).
Learn more →Brute Force Attack
An attack that systematically tries every possible password or key combination until the correct one is found.
Learn more →CAA Record
A DNS Certification Authority Authorization record that specifies which CAs are allowed to issue certificates for a domain.
Learn more →Cache
A temporary storage layer that keeps copies of frequently requested content closer to the user, reducing load times and origin server traffic.
Learn more →CDN
Content Delivery Network — a distributed network of edge servers that caches and delivers content from locations geographically close to users.
Learn more →Certificate
A digital document (SSL/TLS certificate) that binds a public key to a domain, enabling encrypted HTTPS connections.
Learn more →Clickjacking
A UI redressing attack where a transparent iframe tricks users into clicking on something different from what they perceive.
Learn more →CNAME Record
A DNS record that aliases one domain name to another, used for subdomains and CDN integration.
Learn more →Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load, helping prevent XSS and data injection attacks.
Learn more →Cross-Site Scripting (XSS)
A vulnerability where an attacker injects malicious scripts into web pages viewed by other users.
Learn more →CVSS
Common Vulnerability Scoring System — a standardized framework for rating the severity of security vulnerabilities on a 0–10 scale.
Learn more →CVE
Common Vulnerabilities and Exposures — a public catalog of known security vulnerabilities, each assigned a unique identifier (e.g., CVE-2021-44228).
Learn more →DDoS
Distributed Denial of Service — an attack that floods a target with traffic from many sources to overwhelm its capacity and cause downtime.
Learn more →DKIM
DomainKeys Identified Mail — an email authentication method that adds a cryptographic signature to outgoing messages, verified via a DNS TXT record.
Learn more →DMARC
Domain-based Message Authentication, Reporting & Conformance — a policy that tells receiving mail servers how to handle emails that fail SPF or DKIM checks.
Learn more →DNS
Domain Name System — the internet's phonebook that translates human-readable domain names into IP addresses.
Learn more →DNS Amplification
A volumetric DDoS technique that exploits open DNS resolvers to flood a target with large DNS responses.
Learn more →DNS Zone File
A text file that contains all DNS records for a domain, defining how the domain's DNS behaves.
Learn more →DNSSEC
DNS Security Extensions — a set of protocols that add cryptographic signatures to DNS records to protect against spoofing and cache poisoning.
Learn more →DoH
DNS over HTTPS — a protocol that encrypts DNS queries inside HTTPS connections for privacy.
Learn more →DoT
DNS over TLS — a protocol that encrypts DNS queries using TLS, typically on port 853.
Learn more →Edge Server
A server positioned at the network edge (close to users) that caches content and processes requests on behalf of the origin server.
Learn more →Encryption
The process of encoding data so only authorized parties can read it. TLS/SSL encryption protects data in transit between browsers and servers.
Learn more →Expect-CT
An HTTP header that tells browsers to enforce Certificate Transparency requirements, helping detect misissued certificates.
Learn more →Failover
An automatic switching mechanism that redirects traffic to a backup server or path when the primary becomes unavailable.
Learn more →Firewall
A security system that monitors and controls network traffic based on predefined rules, blocking unauthorized access.
Learn more →FQDN
Fully Qualified Domain Name — the complete domain name that specifies an exact location in the DNS hierarchy (e.g., www.noc.org).
Learn more →Geo-Blocking
Restricting access to content or services based on the geographic location (country) of the requesting IP address.
Learn more →Geo-Routing
Directing DNS or CDN traffic to the server nearest to the user based on geographic location, reducing latency.
Learn more →Hardening
The process of securing a system by reducing its attack surface — disabling unnecessary services, applying patches, and tightening configurations.
Learn more →HSTS
HTTP Strict Transport Security — a header that forces browsers to connect over HTTPS only, preventing protocol downgrade attacks.
Learn more →HTTP Flood
A Layer 7 DDoS attack that sends large volumes of seemingly legitimate HTTP requests to overwhelm a web server.
Learn more →HTTPS
HyperText Transfer Protocol Secure — HTTP encrypted with TLS, ensuring data confidentiality and integrity between browser and server.
Learn more →Incident Response
The structured process of detecting, containing, eradicating, and recovering from a security breach or attack.
Learn more →IP Address
A numerical label assigned to each device on a network, used for routing traffic. IPv4 uses 32-bit addresses; IPv6 uses 128-bit.
Learn more →IPTables
A Linux kernel firewall tool that filters network packets based on rules for chains (INPUT, OUTPUT, FORWARD).
Learn more →IPv4
Internet Protocol version 4 — the most widely used IP addressing system, using 32-bit addresses (e.g., 203.0.113.10).
Learn more →IPv6
Internet Protocol version 6 — the successor to IPv4 using 128-bit addresses (e.g., 2001:db8::1) to solve address exhaustion.
Learn more →Latency
The time delay between a user's request and the server's response, typically measured in milliseconds. CDNs reduce latency by serving content from nearby edge servers.
Learn more →Layer 3
The network layer of the OSI model, where IP routing and packet forwarding occur. Layer 3 DDoS attacks target this layer with volumetric floods.
Learn more →Layer 7
The application layer of the OSI model, where HTTP/HTTPS operates. Layer 7 attacks target web applications directly.
Learn more →Load Balancing
Distributing incoming traffic across multiple servers to improve performance, availability, and redundancy.
Learn more →Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to systems — includes backdoors, webshells, skimmers, and cryptominers.
Learn more →MIME Type
A label that identifies the type of content in an HTTP response (e.g., text/html, application/json). Correct MIME types prevent browser sniffing attacks.
Learn more →Mitigation
The actions taken to reduce the impact of an attack or vulnerability, such as WAF rules, rate limiting, or patching.
Learn more →Monitoring
Continuously checking website availability, performance, and security from multiple locations to detect issues quickly.
Learn more →MX Record
A DNS Mail Exchange record that specifies which mail servers accept email for a domain.
Learn more →Nameserver
A DNS server that holds the authoritative records for a domain and responds to queries about it.
Learn more →Nmap
Network Mapper — an open-source tool for network discovery and security auditing that scans hosts, ports, and services.
Learn more →NS Record
A DNS record that delegates a domain to a specific set of authoritative nameservers.
Learn more →Origin Server
The hosting server where a website's original content lives. A CDN caches content from the origin and serves it from edge nodes.
Learn more →OWASP
Open Worldwide Application Security Project — a nonprofit that publishes resources on web application security, including the OWASP Top 10 vulnerability list.
Learn more →Patch
A software update that fixes a bug or security vulnerability. Timely patching is one of the most effective defenses against exploitation.
Learn more →Payload
The part of an attack that performs the malicious action — for example, the injected script in an XSS attack or the shell uploaded via RCE.
Learn more →Permissions Policy
An HTTP header that controls which browser features (camera, microphone, geolocation) a page is allowed to use.
Learn more →Phishing
A social engineering attack that tricks users into revealing sensitive information by impersonating a trusted entity, often via fake login pages.
Learn more →POP (Point of Presence)
A physical location where a CDN or network provider has servers, typically in a data center, to serve content closer to end users.
Learn more →Protocol Attack
A DDoS attack that exploits weaknesses in network protocols (TCP, UDP) to consume server resources — includes SYN floods and Ping of Death.
Learn more →Proxy
An intermediary server that sits between a client and origin server, forwarding requests and responses. A reverse proxy (like a CDN) sits in front of the origin.
Learn more →PTR Record
A DNS Pointer record used for reverse DNS lookups — maps an IP address back to a hostname.
Learn more →Rate Limiting
Restricting the number of requests a client can make within a time window to prevent abuse, brute force, and DDoS attacks.
Learn more →RCE
Remote Code Execution — a critical vulnerability class where an attacker can execute arbitrary code on a remote server.
Learn more →Referrer Policy
An HTTP header that controls how much referrer URL information is included when navigating away from a page.
Learn more →Reverse Proxy
A server that sits in front of one or more origin servers, handling client requests on their behalf. CDNs and WAFs typically operate as reverse proxies.
Learn more →SEO Spam
An attack where hackers inject spam content, links, or redirects into a website to manipulate search engine rankings.
Learn more →Skimmer
Malicious JavaScript injected into e-commerce checkout pages to steal credit card data in real time.
Learn more →SOA Record
Start of Authority — the DNS record that contains administrative information about a zone, including the primary nameserver, contact email, and refresh timers.
Learn more →Software Vulnerability
A weakness in software that can be exploited by attackers to gain unauthorized access or cause harm.
Learn more →SPF
Sender Policy Framework — a DNS TXT record that specifies which mail servers are authorized to send email on behalf of a domain.
Learn more →SQL Injection
An attack that inserts malicious SQL queries into input fields to manipulate or extract data from a database.
Learn more →SRV Record
A DNS Service record that specifies the host, port, priority, and weight for a specific service (e.g., SIP, XMPP).
Learn more →SSH
Secure Shell — an encrypted protocol for secure remote access to servers, typically running on port 22.
Learn more →SSL/TLS
Secure Sockets Layer / Transport Layer Security — cryptographic protocols that encrypt communication between a browser and server. TLS is the modern successor to SSL.
Learn more →TCP
Transmission Control Protocol — a connection-oriented transport protocol that provides reliable, ordered data delivery between hosts.
Learn more →TLS
Transport Layer Security — the cryptographic protocol that secures HTTPS connections, providing encryption, authentication, and integrity.
Learn more →TTL
Time to Live — in DNS, the number of seconds a record can be cached before it must be re-queried. In networking, a hop counter that prevents infinite routing loops.
Learn more →TXT Record
A DNS record that holds arbitrary text data, commonly used for SPF, DKIM, DMARC, and domain verification.
Learn more →UFW
Uncomplicated Firewall — a user-friendly frontend for iptables on Ubuntu/Debian that simplifies firewall rule management.
Learn more →Uptime
The percentage of time a website or service is available and operational. NOC Monitoring tracks uptime from multiple global locations.
Learn more →Virtual Patching
A WAF technique that blocks exploitation of a known vulnerability at the network edge without modifying the application's source code.
Learn more →Volumetric Attack
A DDoS attack that aims to saturate the target's bandwidth with massive traffic volume (UDP floods, DNS amplification, etc.).
Learn more →VPN
Virtual Private Network — an encrypted tunnel between a device and a remote server that protects traffic privacy and masks the user's IP address.
Learn more →Vulnerability
A weakness in software, hardware, or processes that an attacker can exploit to compromise a system.
Learn more →WAF
Web Application Firewall — a security layer that inspects HTTP traffic and blocks attacks like SQL injection, XSS, and RCE before they reach the origin server.
Learn more →Waiting Room
A queue system that holds excess visitors in a virtual lobby during traffic spikes, protecting the origin from overload.
Learn more →Wildcard Certificate
An SSL/TLS certificate that secures a domain and all its subdomains using a wildcard (*.example.com).
Learn more →WPScan
An open-source WordPress vulnerability scanner that identifies security issues in themes, plugins, and core installations.
Learn more →X-Content-Type-Options
An HTTP header (set to "nosniff") that prevents browsers from MIME-sniffing a response away from the declared Content-Type.
Learn more →X-Frame-Options
An HTTP header that controls whether a page can be embedded in iframes, protecting against clickjacking attacks.
Learn more →X-XSS-Protection
A legacy HTTP header that activates the browser's built-in XSS filter. Modern browsers rely on CSP instead.
Learn more →Zero-Day
A vulnerability that is exploited before the vendor is aware of it or has released a patch, leaving no time ("zero days") for defense.
Learn more →Zone File
A text file stored on a DNS server containing all the resource records for a domain, defining its DNS configuration.
Learn more →Missing a term?
We're always expanding this glossary. If there's a term you'd like defined, let us know at support@noc.org.
Get
Started