Server-Side Includes (SSI) Injection
Attacker-controlled SSI directives (`<!--#exec ... -->`) injected into pages parsed by Apache or another SSI-enabled server, achieving file disclosure or remote command execution.
CWE-97 OWASP A3:2021
1mo ago security intermediate 9.8
Software Composition Analysis (SCA)
The practice and tooling for identifying all open-source and third-party components in a codebase, detecting known vulnerabilities (CVEs) in them, and flagging licence risks — distinct from static analysis of your own code.
2mo ago security intermediate
Safe Mode — What It Was & Why It Failed PHP 3.0+
PHP's safe_mode (PHP 3–5.3) attempted to restrict multi-user PHP hosting at the language level — it was removed in PHP 5.4 after being proven ineffective and breaking legitimate code.
2mo ago php intermediate
Safe Mode Removal & Modern Alternatives PHP 4.0+
PHP's safe_mode was removed in PHP 5.4 because it gave only a false sense of security: it was enforced inconsistently across functions and extensions and was routinely bypassed. Modern alternatives are open_basedir, OS-level permissions (a separate PHP-FPM pool and system user per site), and containers.
2mo ago security intermediate
Stream Filter Injection via php:// wrapper PHP 5.0+
PHP stream wrappers (php://filter, php://input, data://) combined with user-controlled file paths escalate local file inclusion: php://filter/convert.base64-encode/resource=config.php discloses source without executing it, and php://input or data:// feed attacker-written PHP straight into include() when allow_url_include is enabled. Never allow user input in file paths; map user choices onto a fixed allow-list of files instead.
2mo ago security advanced
Secret Sharing — Shamir's Scheme
Splitting a secret into N shares where any K can reconstruct it — preventing single points of failure for root encryption keys and disaster recovery credentials.
3mo ago cryptography advanced
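An added worked example (not part of the codex entry) of Shamir's scheme in PHP. It uses the toy field GF(2^31 - 1) so that every intermediate product fits in a 64-bit PHP integer without GMP; the secret must be below that prime, and a real key would be chunked or handled with gmp_* over a larger prime. Parameter names are the example's own.

```php
<?php
declare(strict_types=1);

// Assumption: field prime p = 2^31 - 1 (a Mersenne prime). Products of two values
// below p stay below 2^62, so plain PHP ints never overflow into floats.
const SSS_PRIME = 2147483647;

function sss_mod(int $a): int
{
    $r = $a % SSS_PRIME;
    return $r < 0 ? $r + SSS_PRIME : $r;
}

// Modular inverse of $a mod p via the extended Euclidean algorithm.
function sss_inverse(int $a): int
{
    [$oldR, $r] = [sss_mod($a), SSS_PRIME];
    [$oldS, $s] = [1, 0];
    while ($r !== 0) {
        $q = intdiv($oldR, $r);
        [$oldR, $r] = [$r, $oldR - $q * $r];
        [$oldS, $s] = [$s, $oldS - $q * $s];
    }
    if ($oldR !== 1) {
        throw new RuntimeException('value has no inverse');
    }
    return sss_mod($oldS);
}

/** Split $secret into $n shares (x => y) such that any $k of them reconstruct it. */
function sss_split(int $secret, int $k, int $n): array
{
    if ($secret < 0 || $secret >= SSS_PRIME || $k < 2 || $n < $k || $n >= SSS_PRIME) {
        throw new InvalidArgumentException('bad parameters');
    }
    // Random polynomial of degree k-1 whose constant term is the secret.
    $coeffs = [$secret];
    for ($i = 1; $i < $k; $i++) {
        $coeffs[] = random_int(0, SSS_PRIME - 1);
    }
    $shares = [];
    for ($x = 1; $x <= $n; $x++) {
        // Horner evaluation, reduced mod p at every step.
        $y = 0;
        for ($i = $k - 1; $i >= 0; $i--) {
            $y = sss_mod($y * $x + $coeffs[$i]);
        }
        $shares[$x] = $y;
    }
    return $shares;
}

/** Reconstruct the secret from exactly k shares by Lagrange interpolation at x = 0. */
function sss_combine(array $shares): int
{
    $secret = 0;
    foreach ($shares as $xi => $yi) {
        $num = 1;
        $den = 1;
        foreach ($shares as $xj => $unused) {
            if ($xj === $xi) {
                continue;
            }
            $num = sss_mod($num * sss_mod(-$xj));      // product of (0 - x_j)
            $den = sss_mod($den * sss_mod($xi - $xj)); // product of (x_i - x_j)
        }
        $secret = sss_mod($secret + sss_mod($yi * sss_mod($num * sss_inverse($den))));
    }
    return $secret;
}

// Constructed demo: 3-of-5 split of a small secret.
$secret = 123456789;
$shares = sss_split($secret, 3, 5);
$three  = array_slice($shares, 1, 3, true); // shares for x = 2, 3, 4
$two    = array_slice($shares, 0, 2, true); // shares for x = 1, 2

echo 'from 3 shares: ', sss_combine($three), PHP_EOL;  // recovers 123456789
echo 'from 2 shares: ', sss_combine($two), PHP_EOL;    // some other field element, not the secret
```

With fewer than k shares the interpolation still produces a value, but it is a point on one of p equally likely polynomials, which is why k - 1 shares leak nothing about the secret.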
Secure File Downloads PHP 5.0+
Preventing path traversal, unauthorised access, and content injection when serving file downloads — validating paths, checking authorisation, and setting correct headers.
3mo ago security intermediate
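An added example (not the codex entry's own code) of the three checks the entry lists, in PHP 8: path validation with realpath(), an authorisation lookup, and download headers. The download root, the user id and the ownership table are constructed for the demo; a real application would take ownership from its database.

```php
<?php
declare(strict_types=1);

const DOWNLOAD_ROOT = '/var/app/downloads'; // assumption: files live under one fixed directory

/** Return the canonical path of $requested under $root, or null if it escapes or does not exist. */
function resolve_download_path(string $root, string $requested): ?string
{
    // Only a bare file name is acceptable: this rejects "../", "/", NUL bytes and empty names.
    if ($requested === '' || str_contains($requested, "\0") || $requested !== basename($requested)) {
        return null;
    }
    $rootReal = realpath($root);
    $full     = realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($rootReal === false || $full === false) {
        return null;
    }
    // realpath() resolves symlinks too, so a symlink pointing outside the root is caught here.
    if (!str_starts_with($full, $rootReal . DIRECTORY_SEPARATOR)) {
        return null;
    }
    return is_file($full) ? $full : null;
}

/** Authorisation is a separate check from path validity: the file must belong to this user. */
function user_may_download(int $userId, string $file, array $ownership): bool
{
    return ($ownership[$file] ?? null) === $userId;
}

function send_download(string $path, string $downloadName): void
{
    $ascii = preg_replace('/[^A-Za-z0-9._-]/', '_', $downloadName);
    // Generic type plus nosniff stops the browser rendering an uploaded HTML/SVG file inline.
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    header("Content-Disposition: attachment; filename=\"$ascii\"; filename*=UTF-8''" . rawurlencode($downloadName));
    header('Content-Length: ' . (string) filesize($path));
    readfile($path);
}

// Constructed request context.
$userId    = 42;
$requested = $_GET['f'] ?? '';
$ownership = ['invoice-42.pdf' => 42]; // constructed: file name => owning user id

$path = resolve_download_path(DOWNLOAD_ROOT, $requested);
if ($path === null || !user_may_download($userId, basename($path), $ownership)) {
    http_response_code(404); // same answer for "does not exist" and "not yours" avoids enumeration
    exit;
}
send_download($path, basename($path));
```

The order matters: validate the path first so the authorisation lookup is keyed on a canonical name, then authorise, and only then touch the file system for reading.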
Sensitive Data in Logs PHP 7.0+
Logging passwords, tokens, credit card numbers, or PII — log aggregators store data indefinitely and are often less secured than primary databases.
3mo ago security intermediate
Signed Commits & GPG Verification
Cryptographically signing commits with GPG or SSH keys proves that the commit was produced by whoever holds the signing key; that binds it to the stated author only if the key itself is trusted (registered to the author's account on the forge, or listed in a pinned gpg.ssh.allowedSignersFile). Important for supply chain security and verifying commit integrity.
3mo ago git intermediate
SSL/TLS Certificate Types
DV (automated domain validation), OV (organisation verified), EV (extended validation; browsers no longer show the green bar or organisation name in the address bar), Wildcard (covers all first-level subdomains of a name and is independent of the validation level). Let's Encrypt provides free DV certificates valid for 90 days with automated renewal, including wildcards via the DNS-01 challenge.
3mo ago networking intermediate
SAST vs DAST vs IAST PHP 5.0+
Three automated security testing approaches: SAST analyses source code without running it, DAST attacks a running app from outside, IAST instruments the app from within during testing.
3mo ago security intermediate
Secret Rotation
The practice of periodically replacing cryptographic secrets, API keys, and credentials. It limits the window of exposure when a secret has been compromised without anyone noticing, and it exercises the rotation path so that an emergency rotation after a confirmed breach is routine rather than improvised.
3mo ago devops intermediate
Secrets Management
Storing, distributing, and rotating credentials securely — using dedicated tools rather than .env files in version control or hardcoded values in source code.
3mo ago security intermediate
serialize() / unserialize() PHP 5.0+
PHP's native serialisation functions can trigger arbitrary code execution via magic methods when deserialising untrusted data.
CWE-502 OWASP A8:2021
3mo ago php intermediate 9.8
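An added example (not the codex entry's code) of the gadget-style problem and two safer patterns. The TempFile class, the cookie format and the server key are assumptions for the demo; the point is that unserialize() instantiates whatever class the input names, and PHP runs that class's magic methods.

```php
<?php
declare(strict_types=1);

// Assumed application class: any loaded class with a side-effecting magic method is a gadget.
class TempFile
{
    public function __construct(public string $path) {}

    public function __destruct()
    {
        // Also runs for objects that unserialize() created, when they are garbage-collected.
        @unlink($this->path);
    }
}

// VULNERABLE: the client chooses the class. This serialized string, sent as the cookie,
// deletes a file even though the application never mentions TempFile on this code path:
//   O:8:"TempFile":1:{s:4:"path";s:19:"/var/app/config.php";}
function load_prefs_vulnerable(string $cookie): array
{
    return (array) unserialize($cookie);
}

// SAFER 1: refuse to instantiate any class. Scalars and arrays still round-trip;
// any object in the input becomes __PHP_Incomplete_Class, whose destructor does nothing.
function load_prefs_no_classes(string $cookie): array
{
    $data = unserialize($cookie, ['allowed_classes' => false]);
    return is_array($data) ? $data : [];
}

// SAFER 2 (preferred): JSON cannot describe objects with behaviour, and an HMAC
// over the payload rejects anything the client altered.
function save_prefs(array $prefs, string $key): string
{
    $json = json_encode($prefs, JSON_THROW_ON_ERROR);
    return base64_encode($json) . '.' . hash_hmac('sha256', $json, $key);
}

function load_prefs(string $cookie, string $key): array
{
    [$b64, $mac] = explode('.', $cookie, 2) + [null, null];
    if ($b64 === null || $mac === null) {
        return [];
    }
    $json = base64_decode($b64, true);
    if ($json === false || !hash_equals(hash_hmac('sha256', $json, $key), $mac)) {
        return []; // tampered or malformed: fall back to defaults, never trust the content
    }
    return (array) json_decode($json, true, 512, JSON_THROW_ON_ERROR);
}

// Constructed demo.
$key    = 'assumed-server-side-secret';
$cookie = save_prefs(['theme' => 'dark'], $key);
var_dump(load_prefs($cookie, $key));        // ['theme' => 'dark']
var_dump(load_prefs($cookie . 'x', $key));  // [] because the MAC no longer matches
```

allowed_classes is a mitigation for legacy data you cannot migrate; new code should not hand client-controlled bytes to unserialize() at all.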
session_regenerate_id() PHP 5.0+
Generates a new session ID after login — the primary defence against session fixation attacks.
3mo ago php intermediate
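An added example (not the codex entry's code) of where session_regenerate_id() belongs in a login flow, together with the ini settings that close the rest of the fixation window. The user record and password are constructed; password_hash()/password_verify() are PHP's own.

```php
<?php
declare(strict_types=1);

// Reject session IDs the server never issued (a planted ID is then simply ignored),
// and keep the cookie off JavaScript and off plain HTTP. Must be set before session_start().
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_secure', '1');
ini_set('session.cookie_samesite', 'Lax');
session_start();

function login_user(int $userId): void
{
    // 1. Replace the pre-authentication ID (which an attacker may have fixed via a link or
    //    injected cookie) and delete the old session file so it cannot be reused.
    session_regenerate_id(true);
    // 2. Only now bind the identity to the fresh ID.
    $_SESSION['user_id']   = $userId;
    $_SESSION['auth_time'] = time();
}

function logout_user(): void
{
    $_SESSION = [];
    // Expire the client's cookie as well as destroying the server-side data.
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

// Constructed user record: password "correct horse", hashed with PHP's default algorithm.
$user = ['id' => 7, 'hash' => password_hash('correct horse', PASSWORD_DEFAULT)];

$submitted = $_POST['password'] ?? '';
if (password_verify($submitted, $user['hash'])) {
    login_user($user['id']);
    echo 'logged in as user ', $_SESSION['user_id'], PHP_EOL;
} else {
    http_response_code(401);
}
```

The true argument to session_regenerate_id() is what deletes the old session data; without it the previous ID stays valid on the server until garbage collection, and whoever planted it still has a usable handle.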
Shared Responsibility Model
The division of security responsibilities between the cloud provider and the customer — the provider secures the infrastructure; the customer secures what runs on it.
3mo ago cloud intermediate
SSH Keys
Asymmetric cryptographic key pairs used for passwordless SSH authentication — the public key is placed on servers, the private key never leaves your machine.
3mo ago linux beginner
Static Analysis PHP 7.1+
Automated inspection of source code without execution to find type errors, security issues, dead code, and style violations.
3mo ago general intermediate
strip_tags() PHP 5.0+
Removes HTML and PHP tags from a string — not a reliable XSS defence on its own.
3mo ago php intermediate
Superglobals ($_GET, $_POST, $_SERVER…) PHP 5.0+
PHP's built-in global arrays that provide access to request data, environment, and server variables. $_GET, $_POST, $_COOKIE, $_REQUEST and $_FILES come straight from the client, and $_SERVER carries client-supplied values too (HTTP_* request headers, REQUEST_URI, QUERY_STRING), so treat all of them as attacker-controlled.
3mo ago php beginner