Glossary
Quick-reference definitions for web security, DNS, CDN, and infrastructure terms.
Each term links to an in-depth article where one exists. Use the sidebar to jump to any letter.
Anycast
A network routing method where the same IP address is announced from multiple locations, directing traffic to the nearest or healthiest node.
Learn more →API
Application Programming Interface — a set of rules that lets software programs communicate with each other. NOC provides a REST API for managing CDN, WAF, and DNS.
Learn more →Application Layer Attack
A DDoS attack that targets Layer 7 (HTTP/HTTPS) to exhaust server resources by mimicking legitimate requests.
Learn more →Arbitrary Code Execution
A vulnerability that allows an attacker to run any code on a target system, often leading to full server compromise.
Learn more →Attack Surface
The total set of points where an attacker could try to enter or extract data from a system — ports, endpoints, services, and exposed software.
Authentication
The process of verifying the identity of a user, device, or system before granting access to resources.
Bandwidth
The maximum data transfer rate of a network connection, typically measured in Mbps or Gbps.
Blacklist
A list of IPs, domains, or URLs flagged as malicious by security vendors or search engines. Blacklisted sites may be blocked or show warnings.
Learn more →Block Page
A web page displayed by a firewall or content filter when access to a resource is denied.
Bot
An automated program that performs tasks on the internet — some legitimate (search crawlers) and some malicious (scrapers, DDoS bots).
Brute Force Attack
An attack that systematically tries every possible password or key combination until the correct one is found.
Learn more →CAA Record
A DNS Certification Authority Authorization record that specifies which CAs are allowed to issue certificates for a domain.
Learn more →Cache
A temporary storage layer that keeps copies of frequently requested content closer to the user, reducing load times and origin server traffic.
CDN
Content Delivery Network — a distributed network of edge servers that caches and delivers content from locations geographically close to users.
Learn more →Certificate
A digital document (SSL/TLS certificate) that binds a public key to a domain, enabling encrypted HTTPS connections.
Clickjacking
A UI redressing attack where a transparent iframe tricks users into clicking on something different from what they perceive.
Learn more →CNAME Record
A DNS record that aliases one domain name to another, used for subdomains and CDN integration.
Learn more →Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load, helping prevent XSS and data injection attacks.
Learn more →Cross-Site Scripting (XSS)
A vulnerability where an attacker injects malicious scripts into web pages viewed by other users.
Learn more →CVSS
Common Vulnerability Scoring System — a standardized framework for rating the severity of security vulnerabilities on a 0–10 scale.
Learn more →CVE
Common Vulnerabilities and Exposures — a public catalog of known security vulnerabilities, each assigned a unique identifier (e.g., CVE-2021-44228).
Learn more →DDoS
Distributed Denial of Service — an attack that floods a target with traffic from many sources to overwhelm its capacity and cause downtime.
Learn more →DKIM
DomainKeys Identified Mail — an email authentication method that adds a cryptographic signature to outgoing messages, verified via a DNS TXT record.
Learn more →DMARC
Domain-based Message Authentication, Reporting & Conformance — a policy that tells receiving mail servers how to handle emails that fail SPF or DKIM checks.
Learn more →DNS
Domain Name System — the internet's phonebook that translates human-readable domain names into IP addresses.
Learn more →DNS Amplification
A volumetric DDoS technique that exploits open DNS resolvers to flood a target with large DNS responses.
Learn more →DNS Zone File
A text file that contains all DNS records for a domain, defining how the domain's DNS behaves.
Learn more →DNSSEC
DNS Security Extensions — a set of protocols that add cryptographic signatures to DNS records to protect against spoofing and cache poisoning.
Learn more →Domain
A human-readable address (e.g., noc.org) that maps to an IP address via DNS.
DoH
DNS over HTTPS — a protocol that encrypts DNS queries inside HTTPS connections for privacy.
DoT
DNS over TLS — a protocol that encrypts DNS queries using TLS, typically on port 853.
Edge Server
A server positioned at the network edge (close to users) that caches content and processes requests on behalf of the origin server.
Learn more →Encryption
The process of encoding data so only authorized parties can read it. TLS/SSL encryption protects data in transit between browsers and servers.
Expect-CT
An HTTP header that tells browsers to enforce Certificate Transparency requirements, helping detect misissued certificates.
Learn more →Failover
An automatic switching mechanism that redirects traffic to a backup server or path when the primary becomes unavailable.
Learn more →Firewall
A security system that monitors and controls network traffic based on predefined rules, blocking unauthorized access.
Learn more →FQDN
Fully Qualified Domain Name — the complete domain name that specifies an exact location in the DNS hierarchy (e.g., www.noc.org).
Geo-Blocking
Restricting access to content or services based on the geographic location (country) of the requesting IP address.
Geo-Routing
Directing DNS or CDN traffic to the server nearest to the user based on geographic location, reducing latency.
Learn more →Hardening
The process of securing a system by reducing its attack surface — disabling unnecessary services, applying patches, and tightening configurations.
Learn more →HSTS
HTTP Strict Transport Security — a header that forces browsers to connect over HTTPS only, preventing protocol downgrade attacks.
Learn more →HTTP Flood
A Layer 7 DDoS attack that sends large volumes of seemingly legitimate HTTP requests to overwhelm a web server.
Learn more →HTTPS
HyperText Transfer Protocol Secure — HTTP encrypted with TLS, ensuring data confidentiality and integrity between browser and server.
Incident Response
The structured process of detecting, containing, eradicating, and recovering from a security breach or attack.
IP Address
A numerical label assigned to each device on a network, used for routing traffic. IPv4 uses 32-bit addresses; IPv6 uses 128-bit.
IPTables
A Linux kernel firewall tool that filters network packets based on rules for chains (INPUT, OUTPUT, FORWARD).
Learn more →IPv4
Internet Protocol version 4 — the most widely used IP addressing system, using 32-bit addresses (e.g., 203.0.113.10).
IPv6
Internet Protocol version 6 — the successor to IPv4 using 128-bit addresses (e.g., 2001:db8::1) to solve address exhaustion.
Learn more →Latency
The time delay between a user's request and the server's response, typically measured in milliseconds. CDNs reduce latency by serving content from nearby edge servers.
Layer 3
The network layer of the OSI model, where IP routing and packet forwarding occur. Layer 3 DDoS attacks target this layer with volumetric floods.
Learn more →Layer 7
The application layer of the OSI model, where HTTP/HTTPS operates. Layer 7 attacks target web applications directly.
Learn more →Load Balancing
Distributing incoming traffic across multiple servers to improve performance, availability, and redundancy.
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to systems — includes backdoors, webshells, skimmers, and cryptominers.
Learn more →MIME Type
A label that identifies the type of content in an HTTP response (e.g., text/html, application/json). Correct MIME types prevent browser sniffing attacks.
Learn more →Mitigation
The actions taken to reduce the impact of an attack or vulnerability, such as WAF rules, rate limiting, or patching.
Monitoring
Continuously checking website availability, performance, and security from multiple locations to detect issues quickly.
Learn more →MX Record
A DNS Mail Exchange record that specifies which mail servers accept email for a domain.
Learn more →Nameserver
A DNS server that holds the authoritative records for a domain and responds to queries about it.
Learn more →Nmap
Network Mapper — an open-source tool for network discovery and security auditing that scans hosts, ports, and services.
Learn more →NS Record
A DNS record that delegates a domain to a specific set of authoritative nameservers.
Learn more →Origin Server
The hosting server where a website's original content lives. A CDN caches content from the origin and serves it from edge nodes.
OWASP
Open Worldwide Application Security Project — a nonprofit that publishes resources on web application security, including the OWASP Top 10 vulnerability list.
Patch
A software update that fixes a bug or security vulnerability. Timely patching is one of the most effective defenses against exploitation.
Payload
The part of an attack that performs the malicious action — for example, the injected script in an XSS attack or the shell uploaded via RCE.
Learn more →Permissions Policy
An HTTP header that controls which browser features (camera, microphone, geolocation) a page is allowed to use.
Learn more →Phishing
A social engineering attack that tricks users into revealing sensitive information by impersonating a trusted entity, often via fake login pages.
Learn more →POP (Point of Presence)
A physical location where a CDN or network provider has servers, typically in a data center, to serve content closer to end users.
Learn more →Protocol Attack
A DDoS attack that exploits weaknesses in network protocols (TCP, UDP) to consume server resources — includes SYN floods and Ping of Death.
Learn more →Proxy
An intermediary server that sits between a client and origin server, forwarding requests and responses. A reverse proxy (like a CDN) sits in front of the origin.
PTR Record
A DNS Pointer record used for reverse DNS lookups — maps an IP address back to a hostname.
Learn more →Rate Limiting
Restricting the number of requests a client can make within a time window to prevent abuse, brute force, and DDoS attacks.
RCE
Remote Code Execution — a critical vulnerability class where an attacker can execute arbitrary code on a remote server.
Learn more →Referrer Policy
An HTTP header that controls how much referrer URL information is included when navigating away from a page.
Learn more →Reverse Proxy
A server that sits in front of one or more origin servers, handling client requests on their behalf. CDNs and WAFs typically operate as reverse proxies.
Learn more →SEO Spam
An attack where hackers inject spam content, links, or redirects into a website to manipulate search engine rankings.
Learn more →Skimmer
Malicious JavaScript injected into e-commerce checkout pages to steal credit card data in real time.
Learn more →SOA Record
Start of Authority — the DNS record that contains administrative information about a zone, including the primary nameserver, contact email, and refresh timers.
Learn more →Software Vulnerability
A weakness in software that can be exploited by attackers to gain unauthorized access or cause harm.
Learn more →SPF
Sender Policy Framework — a DNS TXT record that specifies which mail servers are authorized to send email on behalf of a domain.
Learn more →SQL Injection
An attack that inserts malicious SQL queries into input fields to manipulate or extract data from a database.
Learn more →SRV Record
A DNS Service record that specifies the host, port, priority, and weight for a specific service (e.g., SIP, XMPP).
Learn more →SSH
Secure Shell — an encrypted protocol for secure remote access to servers, typically running on port 22.
Learn more →SSL/TLS
Secure Sockets Layer / Transport Layer Security — cryptographic protocols that encrypt communication between a browser and server. TLS is the modern successor to SSL.
TCP
Transmission Control Protocol — a connection-oriented transport protocol that provides reliable, ordered data delivery between hosts.
TLS
Transport Layer Security — the cryptographic protocol that secures HTTPS connections, providing encryption, authentication, and integrity.
TTL
Time to Live — in DNS, the number of seconds a record can be cached before it must be re-queried. In networking, a hop counter that prevents infinite routing loops.
TXT Record
A DNS record that holds arbitrary text data, commonly used for SPF, DKIM, DMARC, and domain verification.
Learn more →UFW
Uncomplicated Firewall — a user-friendly frontend for iptables on Ubuntu/Debian that simplifies firewall rule management.
Learn more →Uptime
The percentage of time a website or service is available and operational. NOC Monitoring tracks uptime from multiple global locations.
Learn more →Virtual Patching
A WAF technique that blocks exploitation of a known vulnerability at the network edge without modifying the application's source code.
Learn more →Volumetric Attack
A DDoS attack that aims to saturate the target's bandwidth with massive traffic volume (UDP floods, DNS amplification, etc.).
Learn more →VPN
Virtual Private Network — an encrypted tunnel between a device and a remote server that protects traffic privacy and masks the user's IP address.
Vulnerability
A weakness in software, hardware, or processes that an attacker can exploit to compromise a system.
Learn more →WAF
Web Application Firewall — a security layer that inspects HTTP traffic and blocks attacks like SQL injection, XSS, and RCE before they reach the origin server.
Learn more →Waiting Room
A queue system that holds excess visitors in a virtual lobby during traffic spikes, protecting the origin from overload.
Learn more →Wildcard Certificate
An SSL/TLS certificate that secures a domain and all its subdomains using a wildcard (*.example.com).
WPScan
An open-source WordPress vulnerability scanner that identifies security issues in themes, plugins, and core installations.
Learn more →X-Content-Type-Options
An HTTP header (set to "nosniff") that prevents browsers from MIME-sniffing a response away from the declared Content-Type.
Learn more →X-Frame-Options
An HTTP header that controls whether a page can be embedded in iframes, protecting against clickjacking attacks.
Learn more →X-XSS-Protection
A legacy HTTP header that activates the browser's built-in XSS filter. Modern browsers rely on CSP instead.
Learn more →Zero-Day
A vulnerability that is exploited before the vendor is aware of it or has released a patch, leaving no time ("zero days") for defense.
Learn more →Zone File
A text file stored on a DNS server containing all the resource records for a domain, defining its DNS configuration.
Learn more →Missing a term?
We're always expanding this glossary. If there's a term you'd like defined, let us know at support@noc.org.
Get
Started