WordPress Security Definitions
Comprehensive glossary of WordPress security terms, concepts, and definitions to help you understand and protect your site.
Firewall
10 terms. Network security fundamentals including the OSI model, WAF, TCP/IP, HTTP, ICMP, DoS attacks, IP spoofing, and routing concepts.
Bots
8 terms. Bot-related definitions covering botnets, web crawlers, data scraping, click fraud, spam bots, and bot traffic management.
Security
15 terms. Core security concepts including ransomware, social engineering, data breaches, zero-day exploits, DNS hijacking, and API security.
WordPress
10 terms. WordPress-specific terminology covering plugins, themes, hooks, wp-config, REST API, and the WordPress ecosystem.
Infrastructure
10 terms. Network and server infrastructure terms including SSL/TLS, DNS, CDN, WAF, firewalls, and the OSI model.
Threats
10 terms. Cyber threat definitions covering malware, phishing, botnets, DDoS attacks, ransomware, and social engineering.
What is a Man-in-the-Middle (MITM) Attack?
A Man-in-the-Middle (MITM) attack is a cyberattack where an attacker secretly intercepts and potentially alters communications between two parties who believe they are communicating directly with each other.
What is an on-path attack?
An on-path attack, traditionally known as a man-in-the-middle attack, occurs when an attacker secretly positions themselves between two communicating parties to intercept, read, and potentially alter the data being exchanged.
What is an SSL/TLS Certificate?
An SSL/TLS certificate is a digital credential that authenticates a website's identity and enables encrypted communication between a web browser and a server using the Secure Sockets Layer or Transport Layer Security protocol.
What is a Ping of Death (PoD) attack?
A Ping of Death (PoD) attack is a denial-of-service attack in which an attacker sends a malformed or oversized ICMP ping packet that exceeds the maximum allowed IP packet size, causing the target system to crash or freeze.
What is API Security?
API security refers to the practices and technologies used to protect application programming interfaces from attacks, misuse, and unauthorized access to the data and services they expose.
What is a Reverse Proxy?
A reverse proxy is a server that sits in front of one or more backend servers, intercepting client requests and forwarding them to the appropriate server, while also providing security, caching, and load distribution benefits.
What is a social engineering attack?
A social engineering attack is a manipulation technique that exploits human psychology to trick people into divulging confidential information, granting unauthorized access, or performing actions that compromise security.
What is a spam bot?
A spam bot is an automated program designed to send or post unsolicited messages in bulk, targeting email inboxes, website comment sections, contact forms, and social media platforms.
What is a supply chain attack?
A supply chain attack targets the less-secure elements in a software or hardware supply chain to compromise a final product or service, often by injecting malicious code into trusted components or updates.
What is a Supply Chain Attack?
A supply chain attack targets the less-secure elements in a software or hardware supply chain to compromise a final product or service, often by injecting malicious code into trusted components, libraries, or software updates.