Glossary
Platform & products
Webscale One
Definition. Webscale’s managed hosting platform for eCommerce. It’s the umbrella offering that bundles infrastructure, the Webscale proxy, CDN, and security services into a single managed environment. Customers migrating onto the platform are migrating onto Webscale One.
Aliases. None canonical. Avoid “the Webscale platform” in customer-facing materials when you specifically mean Webscale One.
Example. “After your Webscale One environment is provisioned, the migration team will request your domain list and current host paths."
Webscale Application
Definition. A first-class entity in the Webscale Control Panel representing a customer’s hosted eCommerce site (Magento, Shopware, etc.). The Application is the configuration container. It holds clusters, Web Controls, CDN settings, and Application Shielding policies.
Aliases. “Application” (capital A) when context makes the entity meaning clear. Avoid lowercase “application” when referring to this entity. Reserve lowercase for generic software references.
Example. “On your Application page, click the Actions menu and select Edit." Avoid: “Click on your application and edit it," which is ambiguous.
Don’t confuse with. A customer’s underlying eCommerce application code (Magento, Shopware), which is the application stack or codebase.
Stratus
Definition. Webscale’s managed cloud environment. The hosting tier where customer Applications run on Webscale-provisioned infrastructure rather than on the customer’s own AWS account. A Stratus provider is a configurable provider type for customers hosted in the Stratus cloud.
Aliases. “Stratus cloud,” “Stratus environment” are all equivalent. Pick one per document and stay consistent.
Example. “Customers with Applications hosted in the Stratus cloud will see the Stratus provider type in their cluster configuration."
CloudEDGE
Definition. Webscale’s distributed edge computing platform. CloudEDGE securely executes customer code close to end users at scale, and is the umbrella under which the CDN, Workers, and Handlers features live.
Example. “Webscale CloudEDGE is a distributed computing platform that simplifies global delivery of web applications and services."
Webscale CDN
Definition. Webscale’s content delivery network. The caching and acceleration layer that improves website performance by caching assets across geographically distributed edge locations.
Aliases. “CloudEDGE CDN” appears in older docs and means the same thing. Canonical going forward: Webscale CDN.
Example. “Webscale CDN enhances a website’s performance and page load time by caching assets across multiple edge locations."
CodeDirect
Definition. Webscale’s container build pipeline that produces deployable images from source code. CodeDirect handles builders, build images, and template substitution for files in the build context.
Example. “Use CodeDirect template substitution to inject secrets into included files at build time."
Networking & traffic
Webscale proxy
Definition. The Webscale platform’s defensive man-in-the-middle layer. All inbound customer traffic flows through the Webscale proxy first, where it can be inspected, filtered, and shaped before reaching the origin. The Webscale proxy is the enforcement point for Web Controls, CSP, and Application Shielding.
Aliases. “The proxy” is acceptable in context, but avoid it when egress proxy is also being discussed. Avoid “Webscale’s proxy server” (verbose).
Example. “Webscale acts as a defensive man-in-the-middle between your users and your origin. All traffic flows through the Webscale proxy first."
Don’t confuse with. Egress proxy (a separate product, see below). The Webscale proxy handles inbound traffic; the egress proxy handles outbound.
Egress proxy
Definition. An optional Webscale component that routes a customer’s outbound HTTP and HTTPS traffic through a fixed, static IP address. Used when an upstream service (payment processor, ERP, supplier API) requires a static-IP allowlist.
Aliases. None. Always “egress proxy,” never just “proxy” in this context.
Example. “The egress proxy is an optional component within the hosting environment designed to route outbound HTTP and HTTPS traffic through a fixed, static IP address."
Don’t confuse with. The Webscale proxy (inbound). When in doubt, lead with the direction word: inbound Webscale proxy, egress proxy.
Origin
Definition. The customer’s backend infrastructure that serves the actual application. It’s the source of truth that the CDN and Webscale proxy sit in front of. When Webscale CDN gets a cache miss, it forwards the request to origin.
Example. “On a cache miss, Webscale CDN forwards the request to origin and the worker with a request handler runs."
Don’t confuse with. Country of origin, a Web Control condition that filters by where the request comes from geographically.
Edge
Definition. The network location closest to where the end user’s browser connects to Webscale. The edge is geographically distributed for fast delivery of static assets and cacheable content. CloudEDGE Workers run at the edge.
Example. “The edge is the network location closest to where the user’s browser connects to Webscale."
SSH Gateway
Definition. A Webscale service that gives authorized users SSH access to managed environments without exposing direct SSH ports on customer infrastructure. The gateway acts as a controlled entry point for support, debugging, and operations.
Aliases. “Webscale SSH Gateway” in formal contexts.
Example. “Use the SSH Gateway to access your application servers. The gateway gives access without exposing direct SSH on the host."
Microsite
Definition. A standalone, lightweight website that displays in place of an Application, typically used to communicate maintenance, outage status, or to serve user challenge pages, proxy request rejections, and timeout messages.
Example. “A microsite is a standalone website that displays for your Application, for example to inform users that the site is in maintenance mode."
Compute & deployment
Cluster
Definition. The group of compute resources that runs a customer’s Application. A cluster has a defined minimum and maximum size, scales automatically according to its configuration, and can be either VM-based or Kubernetes-based.
Aliases. None. The word “cluster” alone should always mean the runtime grouping.
Example. “Define a minimum and maximum desired cluster size that limits these conditions. Find the cluster settings in the Account Settings section of the Webscale Control Panel."
Don’t confuse with. Cluster blueprint (the configuration template that produces clusters) and cluster type (VM vs Kubernetes, a property of the cluster).
Cluster blueprint
Definition. The reusable configuration template that defines how a cluster is provisioned: instance counts, scaling rules, logging configuration, and image references. Edited via the Cluster blueprint editor in the Webscale Control Panel.
Example. “The WMA logging service can be configured through the Cluster blueprint editor for both VM and Kubernetes-based cluster deployments."
Don’t confuse with. A cluster (the running thing) versus the blueprint (the template that produces it).
Autoscaling
Definition. Webscale’s automatic adjustment of cluster size based on traffic and resource conditions, bounded by a minimum and maximum size set in the cluster blueprint. For Kubernetes clusters, autoscaling is managed by the Horizontal Pod Autoscaler.
Aliases. “Auto-scaling” with a hyphen is incorrect. Avoid it; use the closed form.
Example. “Make your changes to the min and max server counts for the cluster, including when the cluster scales out or in."
CloudEDGE Handlers
Definition. Custom JavaScript code, packaged as handler files, that runs in a serverless execution environment at the CDN edge. Handlers are the code; they get associated with Web Controls to become Workers at runtime. Handlers are agnostic to the underlying cloud provider.
Aliases. “Handlers” alone is acceptable when the CloudEDGE context is established.
Example. “Handlers run your custom JavaScript code in a serverless execution environment that is agnostic to your cloud provider."
Don’t confuse with. Workers (see below). The relationship: handler files contain code, handlers incorporate those files, workers are what actually execute when traffic flows through.
CloudEDGE Workers
Definition. The runtime execution unit at the CDN edge. A Worker is created when a Handler is associated with a Web Control. The Worker is what actually fires when matching traffic arrives. CloudEDGE Workers are currently available only for Amazon CDN providers.
Aliases. “Workers” alone is acceptable when context is set.
Example. “Associating handlers with a control creates a worker that runs the JavaScript function."
Don’t confuse with. Handlers (see above). Memorable rule: Handlers are written, Workers are run.
Deployment
Definition. The act of releasing new code or configuration to a cluster. Webscale Essentials includes deployment commands for Magento and Shopware. Managed deployments can be enabled per cluster so future deployments fire automatically on configuration change.
Example. “All future deployments will be handled automatically when a relevant configuration change is made to the cluster."
Security & traffic control
Web Controls
Definition. Webscale’s rules engine for shaping traffic at the proxy. Web Controls let you configure conditions (country of origin, URL pattern, headers, etc.) and actions (block, rate-limit, run a Worker, modify response, etc.) without touching application code.
Aliases. “Web Control” (singular) when referring to a single rule; “Web Controls” (plural) for the system. Avoid “WAF rules” as a synonym. Web Controls can replace WAF rules but they’re a broader feature.
Example. “For WAF rules, you can use Web Controls to perform the same functions."
Application Shielding
Definition. Webscale’s set of platform-level protections applied to an Application, combining bot defense, rate limiting, CSP enforcement, and Web Controls into a coordinated defensive posture that runs at the Webscale proxy without changes to application code.
Example. “Application Shielding lets you apply protections even when your application stack is hard to change."
Cloud Bot Manager
Definition. Webscale’s bot management product, a multi-cloud solution that detects and blocks malicious bot traffic while improving site performance. Bot IP Shield is a feature within Cloud Bot Manager.
Aliases. “Bot Manager” alone is acceptable in context. Avoid “the bot product.”
Example. “Bot IP Shield is available as part of Cloud Bot Manager or Enterprise Cloud Secure."
Rate limiting
Definition. A defensive Web Controls technique that caps the number of requests from a given source over a time window, raising the cost for attackers (especially in carding scenarios) without blocking legitimate users.
Example. “Rate limiting is one of the most effective defenses against carding because it raises the attacker’s cost."
Content Security Policy (CSP)
Definition. A browser security feature that limits which domains a page can load scripts, images, and other resources from. Webscale enforces CSP at the Webscale proxy, which means policies apply uniformly without needing per-page application changes.
Aliases. “CSP” should be expanded on first use in customer-facing material.
Example. “Content Security Policy (CSP) is a browser feature that limits which domains your pages can load scripts, images, and other resources from."
Web Application Firewall (WAF)
Definition. A traditional security appliance category that filters HTTP traffic against known attack signatures. Webscale provides equivalent (and often superior) functionality via Web Controls. WAF rule files can still be uploaded for legacy compatibility.
Aliases. “WAF” should be expanded on first use externally.
Example. “You can also upload WAF rules, bootstrap, and Geodb files for use by legacy functionality."
Performance & delivery
CDN accelerator
Definition. An optional add-on subscription that optimizes edge delivery for specific use cases. For example, the Magento Varnish accelerator pairs with the Webscale Varnish Magento module, and HTML Streaming reduces time-to-first-byte for dynamic pages.
Aliases. “Accelerator” alone is acceptable in context.
Example. “Subscriptions for CDN accelerators may be set up to optimize edge delivery performance."
HTML Streaming
Definition. A CDN accelerator that streams HTML responses to the browser progressively, with advanced caching and Edge-Side Includes (ESI) support, reducing perceived page load time.
Example. “HTML Streaming is a CDN accelerator that offers fast response times and advanced caching techniques, with Edge-Side Includes support."
Custom VCL
Definition. Varnish Configuration Language code uploaded by the customer that gives complete control over how requests and responses are handled at the CDN’s edge servers. Custom VCL is uploaded via the File browser.
Aliases. “VCL” should be expanded on first use.
Example. “Custom VCL provides complete control over how requests and responses are handled at the CDN’s edge servers."
PageSpeed
Definition. A set of automatic page-optimization features (image compression, asset minification, etc.) configurable through Web Controls. PageSpeed requires CDN to be enabled.
Example. “Web Controls enable you to configure and disable specific PageSpeed features. Without CDN, PageSpeed is disabled."
Webscale Image Manager
Definition. A Webscale CDN feature that automatically converts site images to the WebP format for browsers that support it, with fallback Web Controls for browsers that don’t (e.g. older Safari).
Aliases. “Image Manager” alone in context.
Example. “For requests that meet the conditions for the Webscale Image Manager Web Controls, the feature converts images to the WebP format."
Tools & interfaces
Webscale Control Panel
Definition. The web UI where customers manage their Applications, clusters, Web Controls, Workers, Handlers, and account settings. The single canonical name for the customer-facing management interface.
Aliases. “Control Panel” alone is acceptable in context. Avoid “Webscale Dashboard” (that’s a different concept — the analytics overview within the Control Panel).
Example. “The Webscale Control Panel enables you to manage handlers and workers."
Traffic Viewer
Definition. The Webscale Control Panel feature for analyzing logs (Proxy Logs, Pageview Logs, CDN Logs, Custom Logs). Supports search queries and aggregate views over time.
Example. “The Traffic Viewer is a powerful tool for extracting information from logs and viewing aggregate data and trends over time."
Webscale CLI
Definition. The command-line tool that runs on Webscale-managed servers (webscale-cli) for cluster health checks, security operations, log capture, and deployment tasks. Distinct from the Webscale API.
Example. “One of the most common uses of the Webscale CLI is to check the overall health of the cluster: sudo webscale-cli health."
Webscale API
Definition. The HTTP API for programmatic interaction with the Webscale platform. Used to automate deployments, purge cache, manage handlers, and integrate with CI/CD pipelines.
Example. “You can use the Webscale API to purge specific items from the cache rather than the entire cache."
Webscale Monitoring Agent (WMA)
Definition. A Webscale-installed agent that captures and publishes text-based logs (web server access logs, error logs, deployment logs) from a customer’s environment. Configured via the Cluster blueprint editor.
Aliases. “WMA” should be expanded on first use externally.
Example. “Some environments may be set up with the Webscale Monitoring Agent (WMA) to capture and publish text-based logs."
User & access
Webscale account
Definition. The top-level container in Webscale that owns Applications, billing, and user access. Accounts can have sub-accounts beneath them, forming an account hierarchy. Every API call and Control Panel session is authenticated into a specific account.
Aliases. “Account” alone is acceptable in context. Avoid “tenant” or “organization.” Webscale uses “account.”
Example. “To upload a secret to your Webscale account, send a POST request with a valid authorization token to /v2/secrets."
Account hierarchy
Definition. The tree structure formed by an account and its sub-accounts. Hierarchies can have unbounded depth. Sub-accounts can themselves serve as parents to further sub-accounts. Used by Partners to grant scoped access to nested customer environments.
Aliases. “Account hierarchies” (plural) when referring to the concept. “Sub-account tree” should be avoided.
Example. “Account hierarchies can have unbounded depth, allowing sub-accounts to also serve as parent accounts to yet more sub-accounts."
Sub-account
Definition. An account nested beneath a parent account in an account hierarchy. Sub-accounts have their own users, roles, and resources, but inherit governance from their parent.
Example. “This hierarchy allows Partners to grant a user access to multiple sub-accounts while also being able to limit their access in each account."
Webscale role (RBAC role)
Definition. A configurable bundle of API and Control Panel permissions that a user can be invited to. Webscale uses role-based access control (RBAC). A user’s effective access is determined by the roles they’ve accepted invitations to. Roles can apply to a single account or cascade to its sub-accounts.
Aliases. “RBAC role,” “API role,” “Webscale API role” all refer to the same concept. Pick “Webscale role” externally for clarity.
Example. “A user’s access to the Webscale API is determined by the access described by the roles to which they have accepted invitations."
Don’t confuse with. User Role (capital U, capital R) is a different feature, see below.
User Role
Definition. A specific feature within Web Controls that designates groups of users (typically logged-in customers or staff) for use as a condition or action in traffic rules. User Roles power the Webscale Secure Access feature, which protects sections of an Application from the general internet.
Aliases. Always two words, both capitalized, which distinguishes from the broader RBAC concept.
Example. “To use this Web Control, first create or edit a User Role for the Web Control to use, and invite at least one user to the role."
Don’t confuse with. Webscale role (the RBAC concept above). Memorable rule: Webscale roles control who can administer the platform; User Roles control who can access protected parts of an Application.
Account owner
Definition. The default top-level role created with every Webscale account. The Account owner role limits which users are permitted to create roles within the account, and is the primary administrative role for an account or sub-account.
Aliases. “Account owner administrator” appears in some docs and is equivalent.
Example. “Sub-accounts will be created with their own Account owner role that limits which users are permitted to create roles in the account."
Webscale Secure Access
Definition. An optional Web Control action (restrict-access) that uses User Roles to protect sections of an Application from the general internet. Checks for a cookie indicating the visitor has been granted one of the specified User Roles before allowing access.
Example. “Webscale Secure Access is an optional Web Control action used to protect parts of your Applications from the general internet."
Multi-Factor Authentication (MFA)
Definition. A second authentication factor (typically a TOTP code or hardware key) required in addition to a password when signing in to Webscale. Configured per user in the User Profile. Account administrators can reset a user’s MFA via the Users page.
Aliases. “MFA” should be expanded on first use externally. Avoid “2FA,” even though it’s industry-common; Webscale uses MFA consistently.
Example. “In the User Profile the user can manage their password and their multi-factor authentication settings."
Access key
Definition. A bearer token used to authenticate against the Webscale API. Access keys are tied to a Webscale role and inherit that role’s permissions. The access_keys permission grants a user the ability to create access keys for the Webscale API.
Aliases. “API key” is colloquially used, but access key is the canonical Webscale term. Avoid mixing.
Example. “access_keys grants the user permission to the Webscale API."
Webscale Support
Definition. The Webscale customer support team and the ticketing system used to reach them. Customers contact Webscale Support to request feature access, report incidents, request infrastructure changes, and escalate technical issues.
Aliases. “Support” alone in context. “Webscale support” (lowercase s) is acceptable in narrative prose, but the noun phrase referring to the team/ticket system is Webscale Support.
Example. “Contact Webscale Support if database migrations fail or deployment completes but the site shows errors."
Plans & packaging
Webscale plan
Definition. A customer’s subscription tier with Webscale, which determines feature availability, log retention, included services, and SLA. Plans are priced like SaaS, with monthly recurring fees, sometimes with a one-time setup fee. The current plan catalog lives at webscale.com/plans.
Aliases. “Webscale subscription” and “Webscale tier” should be avoided. Webscale plan is canonical.
Example. “Log retention depends on the Webscale plan you are subscribed to, and any specific log retention periods you are contracted for."
Cloud Bot Manager
Definition. Webscale’s standalone bot management plan, a multi-cloud product that detects and blocks malicious bot traffic across any hosted environment. Cloud Bot Manager can be enabled via DNS changes alone and includes Bot IP Shield, Instant Attack Detection, Real-Time Bot Mitigation, and the Bot IP Directory.
Aliases. “Bot Manager” alone in context. (Cross-listed in the Security & traffic control category; same product.)
Example. “Cloud Bot Manager can be enabled with just DNS changes to protect any application on any hosted environment."
Enterprise Cloud Secure
Definition. Webscale’s enterprise security plan that bundles Cloud Bot Manager, Application Shielding, advanced Web Controls, and Bot IP Shield into a single subscription aimed at large eCommerce customers with comprehensive security needs.
Aliases. “Cloud Secure” in context, but full name preferred externally.
Example. “Bot IP Shield is available as part of Cloud Bot Manager or Enterprise Cloud Secure."
Webscale Essentials
Definition. Webscale’s foundational deployment toolkit. The entry-level deployment surface that includes basic deployment commands for Magento and Shopware (essentials-deploy, essentials-commands) and provides the deployment baseline for Webscale One environments.
Example. “Webscale Essentials provides deployment guides and commands for Magento and Shopware applications."
Webscale M1 Support
Definition. A specialized, security-focused support plan for digital commerce merchants who chose to remain on Magento 1.x past its end-of-life in June 2020. Offered in two variants: Webscale Cloud M1 Support (for cloud-hosted environments managed by Webscale) and a self-hosted variant.
Example. “Webscale M1 Support is a comprehensive, security-focused SaaS solution for digital commerce merchants planning to remain on Magento 1.x beyond its end-of-life in June 2020."
Webscale Shield Mode
Definition. An emergency feature, enabled with a single click, that locks all bots out of an Application and validates users to allow only humans through. Used by administrators to buy time during an attack while the underlying pattern is identified and permanently blocked.
Aliases. “Webscale Shield” alone in context. Don’t confuse with Application Shielding (a broader, always-on protection layer) or Bot IP Shield (a feature within Cloud Bot Manager).
Example. “To get ahead of this problem, the admin can enable Webscale Shield with a single click. Webscale Shield locks all bots out of the application instantly and validates users to only allow humans."
Don’t confuse with. Application Shielding (continuous protections, see Security category) and Bot IP Shield (a Cloud Bot Manager feature). Memorable rule: Application Shielding is the moat; Webscale Shield Mode is the drawbridge going up.
Acronym quick reference
A condensed lookup for acronyms used across Webscale docs and customer conversations. Click through to the full entry above where one exists.
| Acronym | Expansion | Notes |
|---|---|---|
| ADC | Application Delivery Controller | Legacy appliance category Webscale replaces. |
| API | Application Programming Interface | Webscale API has its own entry. |
| CDN | Content Delivery Network | See Webscale CDN. |
| CLI | Command Line Interface | See Webscale CLI. |
| CSP | Content Security Policy | Has full entry. |
| DNS | Domain Name System | Industry-standard. |
| ESI | Edge-Side Includes | A feature of HTML Streaming. |
| HSTS | HTTP Strict Transport Security | Industry-standard. |
| MFA | Multi-Factor Authentication | Has full entry. |
| PCI | Payment Card Industry (DSS) | Compliance context for eCommerce. |
| RBAC | Role-Based Access Control | See Webscale role. |
| SSL | Secure Sockets Layer | Use TLS in current documentation. |
| TLS | Transport Layer Security | Modern term, preferred over SSL. |
| TTFB | Time To First Byte | Performance metric. |
| TTL | Time To Live | Cache duration. |
| VCL | Varnish Configuration Language | See Custom VCL. |
| WAF | Web Application Firewall | Has full entry. |
| WMA | Webscale Monitoring Agent | Has full entry. |
| XSS | Cross-Site Scripting | Attack class. |
Feedback
Was this page helpful?
Glad to hear it! Have any more feedback? Please share it here.
Sorry to hear that. Have any more feedback? Please share it here.