12 Glossary
Main address like example.com.
Child address like app.example.com.
Internal target service that DomNexDomain proxies to.
Multiple target servers for one service.
- failover: backup server on failure
- round_robin: load distribution
Automated TLS certificate issuance.
Rule that allows or blocks access based on country code derived from client IP.
Role-based access control for users.
Fine-grained API permission assigned to tokens.
Public ingress layer of DomNexDomain handling routing, policy gates, and forwarding.
Admin API and Web UI used to configure domains, subdomains, users, and security policies.
Fixed, short-circuit request evaluation order where first terminal decision (drop/deny/error) ends processing.
Behavior + feed + signature driven risk engine used to classify and enforce against abusive sources.
Pattern-based detection rule (signature.*) matching suspicious paths, hosts, or user agents.
Elevated monitoring state for a source IP, typically used as a controlled pre-block stage.
Temporary block window (ban_until) where requests are denied for a limited time.
Highest enforcement level; source is added to block path and requests are dropped.
Gradual XP/level reduction over inactivity, with eventual cleanup for cooled-down sources.
Threat scoring model:
- XP: accumulated threat points
- Level: escalation stage
- Tier: UI label derived from level
Source IP appears in an enabled Threat Intel feed and is matched on live incoming traffic.
Explicit IP exception list that prevents normal threat enforcement for trusted sources.
Built-in temporary protection against high-rate requests to non-configured hostnames.
Branded edge response page with trace correlation while minimizing sensitive details.
Correlation identifier for linking edge responses with Strategic Intel investigations and related audit entries.
Chronological reconstruction of one request or security flow across flow, evidence, and action entries.
Trace event generated directly by DomNexDomain runtime logic, starting at first contact on the edge and ending at request completion or terminal deny/drop/error.
Trace event generated when Threat Intel records a classification input or decision-carrying signal.
Trace event derived from retained audit actions that carry the same trace ID.
Strategic Intel tab used to pivot by trace ID, IP, host, or related evidence and reconstruct the exact decision path.
Request origin class (for example internal/LAN vs external/internet) used in policy context.
Dedicated SSH gateway listener (:2222) that authorizes key-based forwarding to allowed targets.
SSH channel type used by bastion forwarding (-J/ProxyJump style flows).
Optional kernel-level block synchronization from Threat Intel blocked sources to nft sets/rules.
Configured proxy CIDRs whose forwarded headers are trusted for source IP/country resolution.
Single-use setup unlock code required during initial installation before first admin setup.
Local CLI recovery action (domnexdomain mfa-reset <username>) to recover admin access if MFA is misconfigured.