Not sure what a PHP worker or NVMe storage really means? This glossary breaks down key web hosting terms in plain English so you can understand what matters, compare hosting plans with confidence, and make smarter choices for your website. Whether you’re a beginner or managing multiple client sites, this is your go-to resource for hosting terminology.
Hosting Tech
HTTP/2
HTTP/2 is a major upgrade to the original HTTP protocol that enables multiplexing, header compression, and faster loading by allowing multiple requests to be sent over a single connection. It reduces latency and improves page load speed by eliminating the need for multiple TCP connections. Hosting providers that support HTTP/2 generally deliver better performance for websites with many static assets like images, CSS, and JavaScript files.
HTTP/3
HTTP/3 is the latest version of the HTTP protocol that runs over QUIC instead of TCP, offering faster and more reliable connections, especially over mobile or high-latency networks. QUIC is designed to avoid head-of-line blocking, making HTTP/3 particularly effective in modern web apps and real-time experiences. Adoption is growing among content delivery networks (CDNs) and performance-focused hosts.
LiteSpeed
LiteSpeed is a commercial web server known for high performance, built-in caching, and superior compatibility with WordPress, often outperforming Apache and NGINX in speed.
NGINX
NGINX is a lightweight, high-performance web server and reverse proxy that excels at handling concurrent connections and serving static content quickly. It is often used to load balance traffic, serve as a cache layer, or act as a reverse proxy in modern web stacks. Many hosting environments combine NGINX with Apache or PHP-FPM for optimal performance and flexibility.
Apache
Apache is one of the oldest and most widely used open-source web servers, known for its flexibility, .htaccess support, and vast module ecosystem. While it may not match NGINX in raw concurrency handling, Apache is extremely versatile and easy to configure, especially for shared hosting. It supports dynamic content via built-in modules and is compatible with nearly all CMS platforms.
Redis
Redis is an in-memory data store often used as a caching layer in hosting environments to improve database performance and reduce load times. It supports data structures like strings, hashes, and lists, making it suitable for object caching, session storage, and real-time analytics. WordPress sites using Redis for object caching typically see lower CPU usage and faster dynamic response times.
Memcached
Memcached is a memory caching system used to speed up dynamic websites by caching database queries, commonly used in shared and VPS hosting. While simpler than Redis, it’s extremely fast and efficient for read-heavy workloads. It’s widely supported by hosting control panels and applications like WordPress and Magento.
MariaDB
MariaDB is a drop-in replacement for MySQL, offering improved performance and scalability while remaining fully open-source.
MySQL
MySQL is a widely used open-source relational database system that powers many web applications and content management systems like WordPress.
PostgreSQL
PostgreSQL is an advanced open-source database system known for its reliability, complex querying capabilities, and compliance with SQL standards.
Node.js
Node.js is a runtime that allows developers to build server-side applications using JavaScript, often used in full-stack hosting environments.
Python
Python is a versatile, high-level programming language supported by many web hosts for building applications, APIs, and backend systems.
Perl
Perl is an older scripting language still supported on some hosting plans, though it’s largely been replaced by more modern options like Python or PHP.
SSH
SSH (Secure Shell) is a protocol that allows users to securely access and manage their hosting server via the command line. It encrypts all transmitted data, protecting against eavesdropping and man-in-the-middle attacks. SSH access is especially useful for developers and system admins who need to manage files, databases, or Git repositories remotely.
cURL
cURL is a command-line tool for transferring data with URLs. It’s commonly used in testing APIs and debugging website connectivity.
WebSockets
WebSockets allow real-time, bi-directional communication between client and server, useful for live chats, gaming, and data feeds.
Cron Job
A cron job is a scheduled task on a server that runs automatically at specified intervals — useful for backups, updates, or sending emails.
.htaccess
.htaccess is a configuration file used in Apache-based hosting to control redirects, password protection, and access rules on a per-directory basis. It allows you to override global settings without needing full server access. Common use cases include enabling gzip compression, forcing HTTPS, customizing error pages, or setting caching policies.
GZIP Compression
GZIP compression reduces the size of web files sent from server to browser, speeding up site load times and saving bandwidth.
Brotli Compression
Brotli is a newer compression algorithm developed by Google, offering better compression rates than GZIP and increasingly supported in modern hosting. It compresses web assets more efficiently, reducing file size and improving site speed, especially for HTTPS sites. Brotli is now natively supported in most major browsers and web servers like NGINX and LiteSpeed.
OPcache
OPcache is a PHP accelerator that caches compiled PHP code in memory, reducing load times and improving performance on PHP-based sites.
CloudLinux
CloudLinux is a commercial OS optimized for shared hosting environments, providing account isolation and resource limits to enhance stability.
ModSecurity
ModSecurity is an open-source web application firewall (WAF) that protects websites from common threats like SQL injection and XSS.
FastCGI
FastCGI is a protocol for interfacing web servers with applications, improving performance over traditional CGI by reusing processes.
CGI
CGI (Common Gateway Interface) is an older standard for running external scripts via web servers. It’s mostly replaced by FastCGI and newer methods.
IPv4
IPv4 is the fourth version of the Internet Protocol, widely used to assign numerical IP addresses to devices on a network.
IPv6
IPv6 is the successor to IPv4, offering a vastly larger address space and improved routing, gradually replacing IPv4.
IP Address
An IP address is a unique string of numbers assigned to each device or server on a network to identify and communicate with it. In hosting, each server or website may have a dedicated or shared IP address. Dedicated IPs are often required for private SSL certificates, email reputation, or specific DNS configurations.
DNS Prefetching
DNS prefetching is a browser optimization technique that resolves domain names in advance to reduce latency when a link is clicked.
Keep-Alive
Keep-Alive is an HTTP header that allows persistent connections, enabling multiple requests between browser and server without reopening TCP connections.
X-Frame-Options
X-Frame-Options is a security header that prevents clickjacking by restricting how your website can be embedded in iframes on other sites.
MIME Type
A MIME type tells the browser how to handle different file types like images, HTML, or PDFs when loading from a server.
CORS
CORS (Cross-Origin Resource Sharing) is a policy that controls how resources on a website can be accessed from another domain.
HTTP Headers
HTTP headers carry metadata between server and browser, including caching rules, content types, and security policies.
Content-Encoding
Content-Encoding is a header that tells the browser which compression method (like GZIP or Brotli) was used to reduce file size.
FTP
FTP (File Transfer Protocol) is an older method for uploading and managing files on a server. It’s often replaced by more secure options like SFTP or FTPS. While simple to use, FTP transmits data — including passwords — in plain text, making it vulnerable on unsecured networks. Most modern hosts now recommend using SFTP instead.
SFTP
SFTP (SSH File Transfer Protocol) is a secure version of FTP that uses SSH for encryption and authentication.
Let’s Encrypt
Let’s Encrypt is a free certificate authority that provides SSL certificates, enabling HTTPS security for websites.
Server & Infra
Dedicated Server
A dedicated server is a physical machine reserved exclusively for a single user or application. It provides full access to all system resources like CPU, RAM, and storage without sharing them with other users. This setup offers the highest level of control, customization, and performance. Dedicated hosting is best suited for high-traffic websites, custom applications, or organizations with strict compliance and security requirements (more details).
Virtual Private Server (VPS)
A Virtual Private Server (VPS) is a virtualized environment that simulates a dedicated server within a shared physical host. It uses a hypervisor to allocate dedicated CPU, RAM, and storage resources, giving users more control and performance compared to shared hosting. VPS is ideal for developers, growing websites, or applications that require root access and flexible software configurations (more details).
Shared Hosting
Shared hosting is a cost-effective hosting solution where multiple websites share the same server resources like CPU, memory, and storage. It is beginner-friendly and includes essential tools like control panels, one-click installers, and email hosting. While suitable for small websites or blogs, shared hosting has limitations in performance and scalability, especially under heavy traffic (more details).
Cloud Hosting
Cloud hosting uses a network of interconnected virtual servers to deliver scalable and reliable hosting. Unlike traditional hosting that relies on a single server, cloud infrastructure distributes load and redundancy across multiple nodes. This setup ensures high availability, auto-scaling capabilities, and flexible billing based on usage.
Edge Computing
Edge computing brings computation and data storage closer to the users by deploying servers at geographically distributed locations. In web hosting, this reduces latency and speeds up content delivery for global audiences. It’s commonly used in conjunction with CDNs, real-time apps, and IoT systems.
Bare Metal Server
A bare metal server is a physical server without any virtualization layer, offering raw performance and complete control. It’s ideal for resource-intensive applications like databases, gaming, or video processing.
Hypervisor
A hypervisor is software that creates and manages virtual machines (VMs) by dividing the host system’s resources. It is a key component in VPS and cloud environments.
Container
A container is a lightweight, standalone software package that includes everything needed to run an application. Containers are isolated from each other and the host system, making them highly portable.
Docker
Docker is a widely-used platform that allows developers to package applications and their dependencies into isolated containers. These containers are lightweight, portable, and consistent across various environments, making it easier to build, test, and deploy applications without worrying about compatibility issues. Docker simplifies CI/CD workflows and supports rapid scaling by running multiple containers on the same host. It’s popular in both development and production due to its efficiency and reproducibility.
Kubernetes
Kubernetes is a powerful open-source container orchestration system designed to automate the deployment, scaling, and management of containerized applications. Originally developed by Google, it handles container scheduling, health monitoring, rolling updates, and self-healing for applications running in large-scale environments. Kubernetes abstracts infrastructure complexity and enables efficient resource usage, making it ideal for managing modern microservices architectures in cloud and hybrid environments.
Load Balancer
A load balancer evenly distributes incoming network or application traffic across multiple servers to ensure high availability and reliability. It prevents any single server from becoming a bottleneck, which helps maintain optimal performance during traffic spikes. Load balancers can operate at the transport (Layer 4) or application (Layer 7) level and often include health checks to route traffic away from failed nodes. They are critical for scalability in hosting and cloud architectures.
Reverse Proxy
A reverse proxy is a server that sits between client devices and web servers, forwarding incoming requests to the appropriate backend server. It provides multiple benefits including load balancing, SSL termination, content caching, and protection from direct exposure to the internet. Reverse proxies like NGINX or Apache mod_proxy are commonly used to enhance site performance, improve security, and simplify infrastructure management in web hosting environments.
RAID
RAID (Redundant Array of Independent Disks) is a method of combining multiple physical hard drives into one logical unit to improve performance, increase storage capacity, or provide data redundancy. Different RAID levels (such as RAID 0, 1, 5, 10) offer various balances between speed and fault tolerance. In hosting, RAID is often used to protect against disk failure and to ensure continuous data access without relying solely on backups.
Uptime
Uptime refers to the amount of time a server or website remains online and accessible without interruptions. Hosting providers often guarantee a specific uptime percentage, such as 99.9% or higher. Higher uptime ensures better reliability and fewer lost opportunities for businesses relying on their websites for leads, sales, or customer engagement.
Latency
Latency is the time it takes for a request to travel from a user’s device to the server and back. In hosting, low latency improves page load speed and user experience. It is affected by server location, network quality, and DNS performance (more details).
Server Location
Server location refers to the physical data center where your website is hosted. Choosing a location closer to your target audience reduces latency and improves performance (more details).
vCPU
A vCPU (virtual CPU) represents a portion of a physical processor allocated to a virtual machine. More vCPUs generally mean better multitasking and processing power.
RAM
RAM (Random Access Memory) temporarily stores active data for faster access. In hosting, higher RAM improves site responsiveness, especially under load.
IOPS
IOPS (Input/Output Operations Per Second) measures how quickly a server can read and write data. It’s a key metric for disk performance.
NVMe
NVMe (Non-Volatile Memory Express) is a high-speed storage protocol used with SSDs that dramatically improves read/write speeds.
SSD
SSD (Solid State Drive) is a fast, reliable type of storage with no moving parts. It’s widely used in hosting for improved performance.
HDD
HDD (Hard Disk Drive) is a traditional storage device that uses spinning disks. It’s slower than SSDs but still used in budget hosting plans.
Data Center
A data center is a facility that houses servers and related infrastructure to store and deliver digital services.
Bandwidth
Bandwidth refers to the amount of data that can be transmitted between your site and users. Higher bandwidth supports more traffic.
Network Throughput
Network throughput is the actual amount of data transferred over the network in a given time. It determines real-world performance.
KVM
KVM (Kernel-based Virtual Machine) is a virtualization technology that allows for secure, isolated VPS hosting.
OpenVZ
OpenVZ is a container-based virtualization platform that shares the host OS. It’s lightweight but offers less isolation than KVM.
Green Hosting
Green hosting refers to hosting providers that use renewable energy or carbon offsets to reduce their environmental impact (more details).
PCIe
PCIe (Peripheral Component Interconnect Express) is a high-speed interface used for SSDs and GPUs in hosting servers.
Power Redundancy
Power redundancy ensures continuous server operation using backup generators or UPS systems during power failures.
Cold Storage
Cold storage refers to data that is rarely accessed and stored on low-cost, high-capacity media.
DDoS Protection
DDoS protection safeguards your server against distributed denial-of-service attacks that can overwhelm and take it offline.
CDN Node
A CDN node is a local cache server that stores content closer to end users. It helps improve site speed and reduces origin server load (more details).
Cloudflare
Cloudflare is a popular CDN and security provider that offers performance optimization and protection against online threats (more details).
phpMyAdmin
phpMyAdmin is a web-based interface for managing MySQL or MariaDB databases. It’s widely available in cPanel and shared hosting.
Server Stack
A server stack is the combination of software layers used to serve websites, typically including the OS, web server, database, and scripting language.
PHP Workers
PHP workers are server processes that handle requests for dynamic PHP content, like WooCommerce checkouts or logged-in user sessions. Each request uses one PHP worker, so having more workers allows your server to process more simultaneous tasks. On platforms like Cloudways or Kinsta, PHP workers are a key factor in performance. Limited workers can cause slowdowns if your site experiences spikes in traffic (more details).
Hardware Firewall
A hardware firewall is a physical device that filters traffic to and from a server to block malicious connections.
BGP Routing
BGP (Border Gateway Protocol) is the system that routes traffic between autonomous networks on the internet. It ensures redundancy and reliability.
Account Isolation
Account isolation is a security technique that separates user environments in shared hosting. It prevents one compromised account from affecting others. Hosting platforms using CloudLinux or containerization often use this to enhance security and resource control.
Plan Features
Unlimited Bandwidth
“Unlimited” bandwidth typically means your hosting provider does not impose a strict monthly cap on data transfer. However, it is governed by a fair usage policy that restricts excessive or abusive use of server resources. Most websites never hit these limits, making it a good value for average users. Heavy traffic sites should review the fine print or consider VPS/cloud plans for true scalability.
Free Migration
Free migration refers to a hosting provider offering to move your website from your current host to their platform at no cost. It usually includes file transfer, database import, and DNS adjustments. Managed WordPress hosts often handle migrations end-to-end. It’s ideal for users switching hosts without technical knowledge.
One-Click Installer
A one-click installer lets you set up applications like WordPress, Joomla, or Drupal through a graphical interface with minimal input. Popular tools include Softaculous, Installatron, and proprietary installers offered by hosts. It simplifies CMS deployment and is ideal for beginners.
Site Builder
A site builder is a drag-and-drop tool that allows users to build websites without coding. Some hosting providers bundle free builders like Weebly or proprietary tools with their plans (more details).
Email Hosting
Email hosting provides users with the ability to send and receive emails using their domain name. It’s often bundled into shared or business hosting plans (more details).
Parked Domains
A parked domain is a registered domain name that is not actively being used for a website. It may display a placeholder page or redirect to another domain.
Add-on Domains
An add-on domain allows you to host multiple domains and websites under a single hosting account.
Subdomains
Subdomains are extensions of your main domain, useful for creating separate sections like blog.example.com.
Control Panel
A control panel is a web-based interface that allows users to manage hosting settings without technical expertise. Common control panels include cPanel, Plesk, and DirectAdmin. You can manage files, databases, email accounts, SSL, DNS, and more. Control panels make hosting much more accessible for non-developers (more details).
cPanel
cPanel is one of the most widely used hosting control panels, offering a GUI to manage websites, email, and databases.
Plesk
Plesk is a commercial control panel popular for Windows and Linux hosting. It supports both website and server management.
DirectAdmin
DirectAdmin is a lightweight and cost-effective control panel with core features for managing web hosting accounts.
Money-Back Guarantee
A money-back guarantee allows users to cancel their hosting service within a defined period for a full refund.
Free SSL
Free SSL refers to the inclusion of SSL certificates at no extra cost. Most providers use Let’s Encrypt or similar services (more details).
Website Backup
Website backups store a copy of your files and database so you can restore your site in case of issues.
Daily Backup
Daily backups automate the process of saving your website every 24 hours. It’s a must-have for frequently updated sites.
On-Demand Backup
An on-demand backup lets you create a snapshot of your website manually before making changes.
Uptime Guarantee
An uptime guarantee is a hosting provider’s promise that your website will be accessible for a certain percentage of time — typically 99.9% or higher. If downtime exceeds this threshold, you may be eligible for compensation. While not a performance metric, uptime guarantees are a key indicator of service reliability (more details).
CPU Limit
A CPU limit caps how much processing power your hosting account can use. Exceeding it may cause slowdowns or temporary suspension.
Disk Quota
Disk quota refers to the total amount of disk space allocated to your hosting account for files, databases, and emails.
Inode Limit
An inode limit sets the maximum number of files your hosting account can store. Every file or folder counts as one inode (more details).
Auto-Scaling
Auto-scaling is a feature where server resources automatically increase or decrease based on your website’s demand. It’s common in cloud hosting and prevents downtime during traffic surges. Unlike shared hosting, you don’t need to upgrade manually — the system adapts in real time.
Staging Site
A staging site is a clone of your live site used for testing changes or updates before going live (more details).
Developer Tools
Developer tools refer to features like SSH access, Git integration, and WP-CLI that enable advanced site management.
SSH Access
SSH access allows you to connect to your hosting server securely via the terminal for command-line control.
Git Integration
Git integration allows developers to manage version control directly from the hosting environment.
WP-CLI
WP-CLI is a command-line tool for managing WordPress installations without using the admin dashboard.
White-Label Hosting
White-label hosting allows resellers to offer hosting services under their own brand while using the infrastructure of another company.
Reseller Hosting
Reseller hosting enables you to sell hosting space to others, often with a control panel and branding features.
Email Forwarding
Email forwarding lets you automatically redirect messages from one email address to another.
Spam Protection
Spam protection filters unwanted emails using tools like SpamAssassin or machine learning.
Webmail
Webmail is a browser-based interface to access your email hosted with the provider.
Cron Manager
A cron manager allows you to schedule scripts or commands to run automatically at specific intervals.
Malware Scanning
Malware scanning detects malicious code or vulnerabilities in your site files.
Multi-Site Support
Multi-site support allows you to run multiple websites from a single CMS installation.
SSL Manager
An SSL manager is a tool in your hosting control panel that lets you install, renew, and manage SSL certificates.
Resource Usage Dashboard
A resource usage dashboard displays metrics like CPU, RAM, disk space, and bandwidth usage.
Cache Manager
A cache manager lets you configure and clear caching systems like Varnish, Redis, or server-level page caching.
Priority Support
Priority support gives your tickets or chat requests faster response times. It’s usually reserved for premium plans or available as a paid upgrade. This feature is valuable when managing business-critical sites or during outages.
Benchmarks
TTFB
TTFB (Time to First Byte) measures the time between the browser requesting a page and receiving the first byte of response from the server. It reflects your web server’s processing speed, DNS resolution, and connection latency. A fast TTFB (ideally under 200ms) is essential for perceived performance (more details).
Loader.io
Loader.io is a cloud-based load testing tool that simulates concurrent users to measure a web application’s performance under stress.
WebPageTest
WebPageTest is a browser-based testing platform that analyzes key performance metrics like TTFB, LCP, and Speed Index from multiple global locations.
GTmetrix
GTmetrix combines Google Lighthouse and Web Vitals scores to evaluate and optimize page speed.
Pingdom Tools
Pingdom Tools lets you test website load times and performance by region, with simple grades and waterfall charts.
WP Benchmark Plugin
The WP Benchmark Plugin measures WordPress-specific performance, including PHP execution, DB queries, and file system I/O.
Apache Benchmark (ab)
Apache Benchmark (ab) is a command-line tool to benchmark HTTP server performance by generating concurrent requests.
Siege
Siege is an open-source load testing utility that simulates multiple users hitting a web server to evaluate performance.
k6.io
k6.io is a modern developer-centric performance testing tool ideal for testing APIs and CI/CD workflows.
PageSpeed Insights
PageSpeed Insights by Google audits website performance and provides optimization suggestions based on Core Web Vitals.
Lighthouse
Lighthouse is an open-source tool that audits web performance, accessibility, SEO, and best practices.
Speed Index
Speed Index reflects how quickly content is visually populated during loading.
Uptime Robot
Uptime Robot monitors website availability and alerts you when your site is down.
StatusCake
StatusCake is a website uptime and performance monitoring tool that supports detailed reporting and global test locations.
New Relic
New Relic provides deep application performance monitoring with server metrics, tracing, and error tracking.
Datadog
Datadog is a cloud-native monitoring and analytics platform used for full-stack performance observability.
Query Monitor
Query Monitor is a developer plugin for WordPress that tracks database queries, hooks, and HTTP API calls.
WP Crontrol
WP Crontrol lets you view and manage WordPress cron events to debug scheduled tasks.
MySQL Tuner
MySQL Tuner is a script that helps you optimize MySQL settings based on live performance data.
Blackfire.io
Blackfire.io is a performance profiling tool for PHP applications that visualizes bottlenecks.
xDebug
xDebug is a debugging and profiling tool for PHP, widely used in development environments.
Time to Interactive
Time to Interactive measures when a page becomes fully interactive after loading.
PHP Execution Time
PHP Execution Time is the total time it takes for the server to process PHP scripts.
Cache Hit Ratio
Cache Hit Ratio tracks the percentage of requests served from cache vs origin.
Resource Usage Report
A resource usage report summarizes how much CPU, RAM, and disk I/O your site is using.
CDN Performance
CDN performance evaluates how well a content delivery network improves asset load speed.
Requests per Second
Requests per second measures how many HTTP requests a server can process per second.
Throughput
Throughput is the volume of data processed by a system in a given time — often measured in MB/s.
Disk I/O
Disk I/O shows how fast the server reads/writes data to the disk.
Memory Usage
Memory usage reflects how much RAM is consumed by processes running on your host.
CPU Load
CPU load indicates how much processing power is currently being used by your server.
Benchmark Score
A benchmark score summarizes your server or site’s performance based on tests or plugins.
Browser Waterfall
A browser waterfall chart visualizes resource loading order, timing, and bottlenecks.
Heatmap Tool
A heatmap tool shows where users click, scroll, or hover — useful for UX and frontend performance.
Error Rate
Error rate measures how many HTTP requests return errors (e.g., 4xx or 5xx codes).
Log Analyzer
A log analyzer processes access or error logs to identify slow queries, 404s, or attack patterns.
LCP
LCP (Largest Contentful Paint) is a Core Web Vital metric that tracks when the largest visible element on a page is fully loaded. It’s a direct indicator of perceived page speed. Google recommends keeping LCP under 2.5 seconds for good UX. Hosting performance, image optimization, and caching all affect this score.
FCP
FCP (First Contentful Paint) measures how long it takes for the browser to render the first visible element (text or image). It is a key metric for user-perceived load speed. A fast FCP creates a positive first impression, even if the rest of the page is still loading.
CLS
CLS (Cumulative Layout Shift) quantifies unexpected layout movements during page load. A low CLS ensures visual stability — important for UX and mobile usability. Poor hosting performance, late-loading fonts, and unoptimized media can increase CLS scores.
Response Time
Response time is the time it takes for your server to process a request and send data back to the user. It includes network latency, backend processing, and resource loading. Lower response times improve user experience and search rankings.
Security
SSL Certificate
An SSL certificate encrypts the data transmitted between your website and visitors, ensuring that sensitive information like passwords and credit card details stays private. It activates HTTPS in the browser, which is a secure protocol, and also displays a padlock icon to reassure users. Most modern websites use SSL as a standard security measure, and it’s also a ranking factor for search engines. SSL certificates can be issued by trusted Certificate Authorities (CAs) and may be free (e.g. Let’s Encrypt) or paid depending on the level of validation (more details).
TLS
TLS (Transport Layer Security) is the modern cryptographic protocol that replaced SSL for securing data over the internet. It encrypts data in transit between clients and servers, preventing eavesdropping or tampering. TLS supports features like forward secrecy, session resumption, and stronger cipher suites than its predecessor. While people still refer to “SSL certificates,” most use TLS under the hood. It’s essential for protecting web, email, FTP, and VoIP communications today.
HTTPS
HTTPS (Hypertext Transfer Protocol Secure) is the secure version of HTTP, using SSL/TLS protocols to encrypt data exchanged between a user’s browser and your website. It prevents data interception or manipulation during transmission and helps ensure privacy and integrity. HTTPS also improves credibility by showing a secure padlock in the address bar and is considered a best practice for all websites. Search engines like Google favor HTTPS-enabled websites for ranking.
Firewall
A firewall acts as a barrier between your web server and incoming traffic, monitoring and filtering data packets based on predefined security rules. It helps block unauthorized access, prevent attacks, and restrict potentially harmful traffic. Firewalls can be hardware-based, software-based, or cloud-based, and are essential in both network-level and application-level security strategies. In hosting, they are often used to protect websites from common threats like port scans, brute force attempts, and malware injection.
WAF
A Web Application Firewall (WAF) protects your website by monitoring, filtering, and blocking malicious HTTP/HTTPS traffic targeting web applications. It sits between the user and the web server, helping prevent threats like SQL injection, cross-site scripting (XSS), and bot abuse. WAFs can be configured with rule sets to block suspicious patterns and are commonly offered by CDN providers or integrated into hosting control panels. They play a vital role in real-time threat detection and response.
DDoS Protection
DDoS protection safeguards your website or server against Distributed Denial of Service attacks, where attackers flood your network with massive traffic to exhaust resources and cause downtime. It works by identifying unusual traffic spikes, blocking malicious IPs, and filtering out fake requests before they reach your server. Effective DDoS protection often includes rate limiting, geo-blocking, and integration with upstream providers like Cloudflare or AWS Shield. It’s crucial for high-traffic sites and businesses operating online 24/7 (more details).
Brute Force Protection
Brute force protection is a security mechanism that defends against repeated login attempts by limiting or blocking access after several failed tries. It detects patterns like repeated incorrect passwords or rapid login submissions and responds by locking accounts, delaying responses, or blocking IP addresses. This is essential to prevent hackers from guessing usernames and passwords using automated tools. Many CMS platforms and hosting panels include brute force protection as part of their security suite.
Two-Factor Authentication
Two-Factor Authentication (2FA) enhances account security by requiring users to provide two separate forms of identification during login—typically a password and a one-time code sent to a mobile device or authentication app. Even if a password is compromised, 2FA adds a second layer of protection, significantly reducing the risk of unauthorized access. It’s widely adopted across hosting dashboards, CMS logins, and email services as a best practice in modern security.
Login Rate Limiting
Login rate limiting restricts the number of login attempts a user or IP address can make within a specific time frame, helping to prevent brute force attacks. It works by tracking login frequency and temporarily blocking further attempts after the threshold is exceeded. This strategy is effective in slowing down attackers and protecting login forms from automated guessing tools. It is often implemented alongside CAPTCHAs and IP bans for layered security.
SFTP
SFTP (SSH File Transfer Protocol) is a secure method of transferring files between your local device and a remote server over an encrypted SSH connection. Unlike traditional FTP, which transmits data in plain text, SFTP encrypts both authentication and file content, making it a safer choice for managing website files. It’s widely used by developers and system admins for uploading code, backups, and configuration files securely.
IP Whitelisting
IP whitelisting allows access to specific resources—like control panels, databases, or admin areas—only from approved IP addresses. It serves as an extra security measure by creating a trusted list of users who can connect to your server. Any IP not on the list is automatically denied, reducing exposure to external threats. This is especially useful for managing remote access in VPS or cloud hosting environments.
IP Blacklisting
IP blacklisting blocks traffic from specific IP addresses known for malicious activity, such as spamming, brute force attacks, or botnet behavior. Blacklists can be maintained manually or updated automatically through threat intelligence feeds. When an IP is blacklisted, it cannot access your website or server resources, reducing the risk of harm. Hosting platforms and firewalls often use blacklists to keep hostile traffic at bay.
Password Manager
A password manager is a tool that securely stores and manages your login credentials for websites, hosting dashboards, and applications. It encrypts all stored data and often includes features like password generation, autofill, and cross-device syncing. Using a password manager reduces the risk of reusing weak passwords and helps ensure that every account has a strong, unique passphrase. It’s a foundational tool for maintaining online security hygiene.
Security Audit
A security audit is a systematic evaluation of your website or server to identify vulnerabilities, misconfigurations, and outdated software that could be exploited by attackers. It often involves reviewing access logs, checking for weak credentials, scanning for malware, and verifying compliance with security standards. Audits can be performed manually or with automated tools and are essential for maintaining a proactive security posture, especially for business-critical applications.
Malware Scanning
Malware scanning detects harmful code or software on your website that can damage your data, infect users, or trigger blacklisting by search engines. Scanners check core files, themes, plugins, and databases for signs of infection, suspicious patterns, or unauthorized changes. Regular scanning helps catch threats early and prevent downtime, and it’s often included in security plugins or offered by hosting providers as a managed service (more details).
Malware Removal
Malware removal is the process of identifying and cleaning infected files or malicious scripts from your website or server. It typically involves quarantining suspicious code, restoring clean backups, and patching security flaws to prevent reinfection. Prompt malware removal helps restore site functionality, user trust, and search engine visibility. Some hosting companies offer it as a managed service, especially for WordPress or shared hosting clients.
Isolation Policy
An isolation policy ensures that each website, application, or hosting account is sandboxed in its own environment, preventing one compromised site from affecting others. This is especially important in shared hosting, where multiple users reside on the same server. Isolation can be enforced using file system permissions, containers, or virtualization. It enhances security by containing breaches and minimizing the blast radius of any attack.
Antivirus Engine
An antivirus engine is software that scans files for known threats such as viruses, trojans, worms, and spyware. On web servers, it helps detect infected uploads, malicious scripts, or unauthorized file modifications. Antivirus tools can operate in real-time or run scheduled scans and often integrate with security dashboards. They are a key layer in defending your site against file-based attacks and server-side malware.
Spam Filtering
Spam filtering helps prevent unwanted, irrelevant, or dangerous email from reaching your inbox or mail server. It uses techniques like keyword matching, blacklists, and machine learning to identify and flag suspicious messages. Good spam filters can reduce phishing risks and protect users from malware delivered via email. Hosting providers often include spam filtering as part of their email services to reduce inbox clutter and improve security.
Email Authentication (DKIM, SPF, DMARC)
Email authentication protocols like DKIM (DomainKeys Identified Mail), SPF (Sender Policy Framework), and DMARC (Domain-based Message Authentication, Reporting & Conformance) help verify that emails sent from your domain are legitimate. They prevent spoofing, improve email deliverability, and protect your brand from being used in phishing attacks. Properly configuring these settings in your DNS records is essential for maintaining trust and passing security checks with email providers.
Domain & DNS
Domain Name
A domain name is the user-friendly address of a website, such as example.com, that people type into their browser to access your site. It maps to an IP address behind the scenes, making the web more accessible and memorable for users. Domain names are purchased through registrars and must be renewed periodically to remain active. They can include top-level domains (TLDs) like .com, .org, or newer extensions like .tech or .blog (more details).
Domain Registrar
A domain registrar is an accredited company authorized to sell, register, and manage domain names on behalf of users. Registrars interact with governing bodies like ICANN to ensure proper registration, DNS configuration, and compliance. Services often include domain search, renewal, WHOIS privacy, and transfer support. Well-known registrars include GoDaddy, Namecheap, and Hover (more details).
WHOIS
WHOIS is a public protocol and database that stores and displays registration details about domain names, including the registrant’s name, contact info, registrar, and expiration date. It provides transparency but can expose personal data unless privacy protection is enabled. WHOIS data is often used for verifying ownership, legal disputes, and checking domain status.
Nameserver
A nameserver is a specialized server that directs web traffic by translating a domain name into its corresponding IP address. It acts as a crucial link between your domain and hosting provider, guiding visitors to the correct server. Most hosting services provide default nameservers, but they can be customized for advanced DNS configurations or third-party services.
DNS
DNS (Domain Name System) is the internet’s phonebook, converting human-readable domain names into IP addresses that computers use to communicate. It involves multiple components like root servers, TLD servers, and authoritative nameservers to resolve queries efficiently. Without DNS, users would have to memorize numeric IP addresses instead of domain names.
A Record
An A (Address) Record is a DNS record that maps a domain or subdomain to an IPv4 address. It tells browsers where to locate your website on the internet. A records are essential for connecting your domain to a web server and can be updated to point to new servers when migrating or scaling infrastructure.
CNAME Record
A CNAME (Canonical Name) record maps one domain or subdomain to another, effectively allowing you to alias one name to another domain. This is commonly used to point www.example.com to example.com, or to route subdomains to external services like a blog or email provider. Unlike A records, CNAMEs cannot point directly to IP addresses.
MX Record
MX (Mail Exchange) Records determine which mail servers are authorized to receive email for your domain. They include a priority value to specify which servers should be tried first. Correct MX configuration ensures reliable email delivery and is essential for hosting services like Gmail, Microsoft 365, or self-hosted mail servers.
TXT Record
TXT (Text) records are DNS entries used to store plain text for various verification and security purposes. They’re often used to verify domain ownership (e.g., with Google Search Console), enable SPF and DKIM for email authentication, or apply custom metadata. Multiple TXT records can exist for the same domain.
SRV Record
SRV (Service) records define the location of servers for specific services such as VoIP, messaging, or game servers. They include information like the service name, protocol, priority, port, and target server. SRV records are essential in systems like Microsoft 365, SIP, and other service-based DNS configurations.
AAAA Record
An AAAA record is the IPv6 equivalent of an A record, mapping a domain name to a 128-bit IPv6 address. As internet infrastructure shifts toward IPv6 adoption, AAAA records ensure accessibility for modern networks and devices that require or prefer IPv6 routing over IPv4.
TTL
TTL (Time to Live) is a setting in DNS records that tells servers how long to cache the record before checking for updates. It’s measured in seconds and affects how quickly DNS changes propagate. Lower TTL values allow faster updates but increase DNS query traffic, while higher TTLs reduce load but delay changes.
DNS Propagation
DNS propagation is the process of updating and distributing DNS changes across all global DNS servers. It can take anywhere from a few minutes to 48 hours depending on TTL settings and caching behavior. During propagation, some users may see the old site or IP while others see the updated version.
DNSSEC
DNSSEC (Domain Name System Security Extensions) adds a layer of cryptographic verification to DNS records, protecting against spoofing and cache poisoning. It ensures the integrity and authenticity of DNS responses by digitally signing records. DNSSEC helps prevent users from being redirected to malicious sites but must be supported by your registrar and DNS host.
Domain Privacy
Domain privacy (also called WHOIS privacy) protects your personal information—such as name, email, phone number—from being publicly displayed in WHOIS databases. When enabled, your registrar substitutes your data with proxy details, helping reduce spam, identity theft, and unwanted solicitations.
ICANN
ICANN (Internet Corporation for Assigned Names and Numbers) is the nonprofit organization that oversees the global coordination of domain names, IP addresses, and DNS root zones. It sets the policies that govern registrars, manages the domain name system infrastructure, and plays a central role in internet stability and interoperability.
TLD
A TLD (Top-Level Domain) is the last segment of a domain name, appearing after the final dot—such as .com, .org, or .net. TLDs are categorized into types like generic (gTLDs), country code (ccTLDs), and sponsored TLDs, each serving different purposes. Your choice of TLD can affect branding, trust, and regional targeting.
ccTLD
A ccTLD (country code Top-Level Domain) represents a specific country or geographic location, such as .uk for the United Kingdom or .my for Malaysia. These domains are often used for local businesses or region-specific content and may have residency or business presence requirements depending on the country’s policies.
gTLD
A gTLD (generic Top-Level Domain) includes common domain extensions like .com, .net, and .org, as well as newer ones like .app, .shop, or .tech. They are not tied to any country and are available for global use. gTLDs are popular for branding, niche marketing, and increasing the availability of desirable names.
Subdomain
A subdomain is a prefix added to your primary domain name to separate content or services—for example, blog.example.com or shop.example.com. Subdomains function as distinct websites or sections and can be configured in your DNS and hosting panel without purchasing a new domain.
Root Domain
A root domain refers to the main portion of your domain name without any subdomains—for example, example.com. It represents the base address of your website and is typically what users type in to reach your homepage. All subdomains and pages fall under the root domain structure.
Domain Forwarding
Domain forwarding automatically redirects visitors from one domain to another, such as from example.net to example.com. It’s commonly used to consolidate web traffic, maintain branding, or redirect misspellings and alternate TLDs. Forwarding can be permanent (301) or temporary (302), depending on your goals.
URL Masking
URL masking is a type of domain forwarding that displays the original domain in the browser’s address bar, even though users are viewing content from another domain. This technique is often used for branding or affiliate links, but may affect SEO and user transparency if not used carefully.
Dynamic DNS
Dynamic DNS (DDNS) is a service that automatically updates your DNS records when your IP address changes. It’s particularly useful for users with residential internet connections or hosting servers at home. DDNS ensures your domain continues pointing to the correct IP, even with frequent IP changes.
Zone File
A zone file is a text-based configuration file stored on a DNS server that contains all the DNS records for a domain. It includes A, MX, CNAME, TXT, and other records that define how your domain resolves. Managing the zone file correctly is critical to ensuring your website, email, and services function as expected.
Zone Editor
A zone editor is a feature in most hosting control panels that lets you view and modify DNS records for your domain. It provides a user-friendly interface for updating A records, adding CNAMEs, changing MX settings, or applying custom TXT entries. This tool is essential for configuring email services, website routing, and third-party integrations.
DNS Lookup
A DNS lookup is the process of retrieving DNS records for a domain, such as resolving example.com to its IP address. It involves querying DNS servers at different levels until the authoritative response is found. Tools like `dig`, `nslookup`, and online DNS checkers help troubleshoot DNS issues using lookups.
Reverse DNS
Reverse DNS (rDNS) resolves an IP address back to a domain name, functioning as the opposite of a standard DNS query. It’s commonly used in email validation and network diagnostics. Configuring rDNS often requires your hosting or IP provider to set up PTR records on your behalf.
PTR Record
A PTR (Pointer) record maps an IP address to a domain name and is used in reverse DNS lookups. It’s especially important for mail servers to pass spam checks, as receiving servers often verify if the sending IP has a valid PTR record. Only your IP provider can assign a PTR record.
Domain Lock
Domain lock is a security setting that prevents unauthorized transfers of your domain to another registrar. When enabled, it blocks changes to the domain’s status until manually unlocked by the owner. It helps protect against domain hijacking and is usually turned on by default in most registrar dashboards.
Registrar Lock
Registrar lock is a broader setting that restricts updates to your domain’s key configuration—such as DNS changes, contact details, or transfer status. It helps prevent accidental or malicious modifications and is typically accessed via your domain registrar’s control panel.
EPP Code
An EPP code (also known as an authorization or transfer key) is a unique alphanumeric code required to transfer a domain name from one registrar to another. It serves as a security measure to verify that the domain owner approves the transfer request. Registrars usually generate it upon request.
Domain Transfer
A domain transfer is the process of moving your domain registration from one registrar to another. It requires an unlocked domain, a valid EPP code, and usually an email confirmation. Transfers may take a few days to complete and are often done to consolidate services or access better pricing and features.
Domain Expiration
Domain expiration occurs when a domain name is not renewed before its expiration date, making it inactive and at risk of being released or acquired by someone else. Most registrars offer reminders and a grace period for renewal. Letting a domain expire can lead to downtime, lost traffic, or brand damage.
Redemption Period
The redemption period is a post-expiration grace window, typically lasting 30 days, during which the original domain owner can still renew the domain by paying a redemption fee. After this period, the domain may enter pending delete status or become available to the public again.
WHOIS Lookup
A WHOIS lookup is the act of querying the WHOIS database to retrieve publicly available registration details for a domain name. It’s useful for checking domain ownership, verifying expiration dates, or investigating potentially fraudulent domains. Many domain registrars and online tools provide free WHOIS lookup services.
Parking Page
A parking page is a placeholder website that appears when a domain is registered but not actively used. It may display ads, brand messaging, or simply say “coming soon.” Domain investors and new site owners often use parking pages while developing content or awaiting launch.
Anycast DNS
Anycast DNS is a network routing method that directs DNS queries to the nearest available server in a global network, reducing latency and improving redundancy. If one DNS server fails, requests are automatically rerouted to the next closest one. Major DNS providers like Cloudflare and Google use Anycast for reliability and speed.
Propagation Checker
A propagation checker is a tool that helps you track the status of DNS changes across different regions and DNS servers worldwide. It shows whether your updated DNS records have reached global endpoints, helping you confirm if your domain is pointing to the right server after updates or migrations.
