WordPress Security Definitions
Comprehensive glossary of WordPress security terms, concepts, and definitions to help you understand and protect your site.
Firewall
10 terms. Network security fundamentals including the OSI model, WAF, TCP/IP, HTTP, ICMP, DoS attacks, IP spoofing, and routing concepts.
Bots
8 terms. Bot-related definitions covering botnets, web crawlers, data scraping, click fraud, spam bots, and bot traffic management.
Security
15 terms. Core security concepts including ransomware, social engineering, data breaches, zero-day exploits, DNS hijacking, and API security.
WordPress
10 terms. WordPress-specific terminology covering plugins, themes, hooks, wp-config, REST API, and the WordPress ecosystem.
Infrastructure
10 terms. Network and server infrastructure terms including SSL/TLS, DNS, CDN, WAF, firewalls, and the OSI model.
Threats
10 terms. Cyber threat definitions covering malware, phishing, botnets, DDoS attacks, ransomware, and social engineering.
What is TCP/IP?
TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundational suite of communication protocols that powers the internet, governing how data is addressed, transmitted, routed, and received across networks.
What is the WordPress Database (wp_options, wp_posts)?
The WordPress database is a MySQL or MariaDB relational database that stores all site content, settings, user data, and plugin configurations in a structured set of tables, with wp_options and wp_posts being two of the most critical and security-sensitive tables.
What is the WordPress REST API?
The WordPress REST API is a JSON-based interface that allows external applications and front-end frameworks to interact with WordPress data over HTTP, enabling headless architectures and third-party integrations.
What is UDP?
UDP (User Datagram Protocol) is a lightweight, connectionless transport-layer protocol that sends data packets called datagrams without establishing a prior connection or guaranteeing delivery.
What is web application security?
Web application security is the practice of protecting websites and web applications from cyber threats by identifying, remediating, and preventing vulnerabilities that attackers could exploit.
What is WordPress Cron (WP-Cron)?
WordPress Cron (WP-Cron) is a pseudo-cron system that schedules and executes time-based tasks such as publishing scheduled posts, checking for updates, and sending email notifications, triggered by site visits rather than system-level timers.
What are WordPress Hooks (Actions and Filters)?
WordPress hooks are a system of actions and filters that allow developers to modify or extend WordPress core functionality without editing core files, forming the backbone of the plugin and theme architecture.
What is WordPress Multisite?
WordPress Multisite is a feature that allows administrators to run a network of multiple WordPress sites from a single WordPress installation, sharing the same codebase and database while introducing unique security considerations.
What are WordPress Nonces?
WordPress nonces are single-use security tokens that protect against cross-site request forgery (CSRF) attacks by verifying that a request originated from a legitimate user action within the WordPress admin interface.
What are WordPress Plugins?
WordPress plugins are software packages that extend and customize WordPress functionality, ranging from simple tweaks to complex features, and represent both the platform's greatest strength and its most significant security attack surface.