Reference

Web Hosting & Web Industry Glossary

A plain-English reference for web hosting, VPS, email, domain registration, WordPress, and website development. Definitions are paraphrased from authoritative sources (MDN, ICANN, IETF, WordPress.org, web.dev, Cloudflare, and others) — see the Sources section at the end.

Web Hosting

General Concepts

Shared Hosting: Multiple websites share one server's resources.
Dedicated Hosting: An entire physical server reserved for one client.
Cloud Hosting: Hosting distributed across multiple virtual servers in the cloud.
Reseller Hosting: Hosting accounts purchased wholesale and resold to clients.
Managed Hosting: Provider handles server maintenance, updates, and security.
Unmanaged Hosting: Client is responsible for all server administration.
Colocation(Colo): Client owns the hardware; provider supplies rack space and connectivity.
Web Host: A company providing server infrastructure for websites.
Data Center: Facility housing servers, networking, and supporting infrastructure.
Server: A computer that serves web content or services to clients.
Node: An individual machine or endpoint in a network or cluster.
Cluster: A group of servers working together as one system.
Rack Unit(U / RU): A unit of measure for rack-mountable equipment (1U = 1.75 inches).
Bare Metal: A physical server with no virtualization layer.
Overselling: Selling more resources than physically available, betting on low average usage.

Performance & Availability

Uptime: Percentage of time a server is operational (e.g. 99.9%).
Downtime: Period when a server or website is unavailable.
SLA(Service Level Agreement): Contract defining expected uptime and support standards.
Failover: Automatic switching to a backup server when the primary fails.
Load Balancing: Distributing traffic across multiple servers to prevent overload.
High Availability(HA): Architecture designed to minimize downtime.
Redundancy: Duplicate systems or components to prevent single points of failure.
Scalability: Ability to grow resources to meet increasing demand.
Latency: Delay between a request and its response.
Throughput: Amount of data transferred successfully in a given time.
Bandwidth: Maximum data transfer rate; also used to mean monthly data transfer allowance.
Burstable Bandwidth: Ability to temporarily exceed normal bandwidth limits.
Metered Bandwidth: Billing based on actual data usage.
Unmetered Bandwidth: No cap on data transfer (fair-use policies may apply).
95th Percentile Billing: Bandwidth billing method that ignores the top 5% of usage peaks.
IOPS(Input/Output Operations Per Second): Measure of storage performance.

Server Software & Technology

Apache: Widely used open-source web server software.
Nginx(Engine-X): High-performance web server and reverse proxy.
LiteSpeed: Commercial web server known for speed and cPanel compatibility.
OpenLiteSpeed: Open-source version of LiteSpeed.
IIS(Internet Information Services): Microsoft's web server for Windows.
PHP: Server-side scripting language commonly used with WordPress and CMS platforms.
Perl: Scripting language often used in older CGI applications.
Python: General-purpose language used in web apps and scripting.
Ruby: Language behind the Ruby on Rails web framework.
Node.js: JavaScript runtime for server-side applications.
CGI(Common Gateway Interface): Standard for running scripts on a web server.
FastCGI: Faster variation of CGI that keeps processes persistent.
Reverse Proxy: Server that forwards requests to backend servers and returns responses.
Web Application Firewall(WAF): Filters HTTP traffic to protect web applications.
MySQL: Popular open-source relational database management system.
MariaDB: Community fork of MySQL, often used as a drop-in replacement.
PostgreSQL: Advanced open-source relational database.
SQLite: Lightweight file-based database.
phpMyAdmin: Web-based GUI for managing MySQL and MariaDB databases.
Redis: In-memory data structure store used for caching and sessions.
Memcached: Distributed memory caching system.

Control Panels & Management

cPanel: Industry-standard web hosting control panel for Linux.
WHM(Web Host Manager): Server-level admin panel that manages cPanel accounts.
Plesk: Cross-platform hosting control panel for Linux and Windows.
DirectAdmin: Lightweight hosting control panel.
Webmin: Open-source web-based server administration tool.
Virtualmin: Web hosting module for Webmin.
ISPConfig: Open-source hosting control panel.
CyberPanel: Control panel built around LiteSpeed.
Softaculous: Auto-installer for CMS platforms such as WordPress and Joomla.
Fantastico: Auto-installer (legacy, largely replaced by Softaculous).
One-Click Installer: Tool allowing instant installation of popular web applications.
File Manager: Browser-based tool for managing files on a server.

Files, Access & Protocols

FTP(File Transfer Protocol): Protocol for transferring files to and from a server.
SFTP(Secure FTP): FTP over SSH, providing encrypted file transfer.
FTPS: FTP with SSL/TLS encryption.
SSH(Secure Shell): Encrypted protocol for remote server access and management.
Root Access: Full administrative access to a server.
Sudo: Command allowing permitted users to run commands as root.
Shell: Command-line interface for interacting with the server OS.
Terminal: Application providing access to the shell.
.htaccess: Apache configuration file placed in directories for per-directory settings.
php.ini: PHP configuration file controlling language settings.
httpd.conf: Main Apache configuration file.
Server Block: Nginx equivalent of Apache's VirtualHost (defined in nginx.conf).
VirtualHost: Apache directive allowing multiple websites on one server.
Cron Job: Scheduled task that runs automatically at defined intervals.
Daemon: Background process that runs continuously on a server.

Domains & Networking (Hosting Side)

IP Address: Numerical identifier for a server or device on a network.
IPv4: 32-bit IP address format (e.g. 192.168.1.1).
IPv6: 128-bit IP address format (e.g. 2001:0db8::1).
Dedicated IP: An IP address assigned exclusively to one hosting account.
Shared IP: An IP address shared among multiple hosting accounts.
Reverse DNS(rDNS): Resolving an IP address back to a hostname.
PTR Record: DNS record used for reverse DNS lookups.
Addon Domain: Additional domain hosted under a main cPanel account.
Parked Domain: Additional domain pointing to the same content as the main domain.
Subdomain: A prefix of a domain (e.g. blog.example.com).
Wildcard Subdomain: A subdomain matching any prefix (e.g. *.example.com).
Document Root: Directory on the server where website files are stored (usually public_html).
public_html: Default web-accessible directory in cPanel.
www Directory: Alternative name for the web root on some servers.

Security & SSL

SSL(Secure Sockets Layer): Predecessor to TLS; now used colloquially to mean TLS.
TLS(Transport Layer Security): Cryptographic protocol for secure communications.
SSL Certificate: Digital certificate enabling HTTPS on a website.
Let's Encrypt: Free, automated SSL certificate authority.
Self-Signed Certificate: SSL certificate signed by the issuing server rather than a trusted CA.
Certificate Authority(CA): Organization that issues trusted SSL certificates.
DV Certificate(Domain Validated): Basic SSL that only verifies domain ownership.
OV Certificate(Organization Validated): SSL that verifies organization identity.
EV Certificate(Extended Validation): Highest SSL validation level.
Wildcard SSL Certificate: Covers a domain and all of its subdomains (*.example.com).
Multi-Domain Certificate(SAN): Single SSL covering multiple domains.
HTTPS: HTTP secured with TLS/SSL encryption.
Mixed Content: When an HTTPS page loads some resources over insecure HTTP.
DDoS(Distributed Denial of Service): Attack using many systems to flood a server with traffic.
Firewall: System that monitors and controls incoming and outgoing network traffic.
Fail2Ban: Tool that bans IPs showing malicious behavior such as brute-force attempts.
ModSecurity: Open-source WAF module for Apache and Nginx.
Malware Scanning: Automated detection of malicious code on the server.
Intrusion Detection System(IDS): Monitors for suspicious activity on a network or host.
Two-Factor Authentication(2FA): Requires a second verification step for login.
Brute-Force Attack: Repeated login attempts to guess credentials.

Backups & Storage

Backup: Copy of data stored separately for recovery purposes.
Restore: Process of recovering data from a backup.
Full Backup: Complete copy of all data.
Incremental Backup: Only backs up data changed since the last backup.
Differential Backup: Backs up all changes since the last full backup.
Off-site Backup: Backup stored in a different geographic location.
RAID(Redundant Array of Independent Disks): Combining multiple drives for redundancy or performance.
SAN(Storage Area Network): High-speed network providing block-level storage.
NAS(Network Attached Storage): File-level storage accessible over a network.
SSD(Solid State Drive): Fast storage with no moving parts.
HDD(Hard Disk Drive): Traditional magnetic spinning disk storage.
NVMe(Non-Volatile Memory Express): Ultra-fast SSD interface protocol.

CDN & Caching

CDN(Content Delivery Network): Network of servers delivering cached content from locations near users.
Edge Server: CDN server located close to end users.
Origin Server: The primary server a CDN pulls content from.
Cache: Stored copy of data for faster future retrieval.
Cache Hit: Request served from cache without contacting the origin.
Cache Miss: Request that must be fetched from the origin (not found in cache).
Cache Invalidation: Clearing cached data to force a fresh retrieval.
TTL(Time to Live): How long cached content is considered valid.
Purge: Manually removing cached content from a CDN or server.
Varnish: Open-source HTTP accelerator / reverse proxy for caching.
Cloudflare: Popular CDN, DNS, and security service provider.

Logs & Monitoring

Access Log: Record of all requests made to the web server.
Error Log: Record of server errors and warnings.
Raw Access Log: Unprocessed server log file.
Webalizer / AWStats: Server-side log analysis tools.
Monitoring: Continuous checking of server health and performance.
Alerting: Automatic notification when server metrics hit thresholds.

VPS (Virtual Private Server)

Virtualization Technologies

VPS(Virtual Private Server): Virtualized server sharing physical hardware with others, but isolated.
Hypervisor: Software layer enabling multiple VMs to run on physical hardware.
Type 1 Hypervisor(Bare Metal): Runs directly on hardware (e.g. VMware ESXi, Xen).
Type 2 Hypervisor(Hosted): Runs on a host OS (e.g. VirtualBox, VMware Workstation).
KVM(Kernel-based Virtual Machine): Linux virtualization technology using CPU extensions.
OpenVZ: Container-based virtualization sharing one kernel.
LXC(Linux Containers): OS-level virtualization; lighter than full VMs.
Xen: Open-source hypervisor used by many VPS providers.
VMware: Enterprise virtualization platform.
Hyper-V: Microsoft's hypervisor.
Full Virtualization: Complete hardware emulation; guest OS runs unmodified.
Paravirtualization: Guest OS is modified to work with the hypervisor for better performance.
Container: Lightweight, isolated process environment (e.g. Docker).
Docker: Platform for building and running containers.
Kubernetes(K8s): Container orchestration system.
Virtual Machine(VM): Software-emulated computer running within a host.
Guest OS: Operating system running inside a virtual machine.
Host OS: Operating system running on the physical hardware.

VPS Resources

vCPU(Virtual CPU): A portion of a physical CPU allocated to a VM.
RAM(Random Access Memory): Volatile memory for running processes.
Burstable RAM: Extra RAM available temporarily beyond the guaranteed allocation.
Swap Space: Disk space used as virtual RAM when physical RAM is full.
Disk Space: Storage capacity allocated to the VPS.
Bandwidth (VPS): Monthly data transfer allowance.
Resource Limits: Caps placed on CPU, RAM, disk, or network usage.
CPU Throttling: Reducing CPU allocation when a container exceeds limits.
Overcommitting: Allocating more virtual resources than physically exist.

VPS Management

Managed VPS: Provider handles OS, security, and maintenance.
Unmanaged VPS: Client is fully responsible for all administration.
SSH Access: Encrypted remote command-line access.
Console Access: Emergency access to the VPS regardless of SSH availability.
VNC(Virtual Network Computing): Remote desktop protocol; used for console access.
IPMI(Intelligent Platform Management Interface): Out-of-band server management.
KVM-over-IP: Remote KVM access for managing a server's console.
Snapshot: Point-in-time copy of a VPS disk for backup or rollback.
Clone: Duplicate copy of a VPS.
Reinstall: Wiping and re-provisioning the OS on a VPS.
Reboot: Restarting the VPS.
Hard Reboot: Forced restart, simulating power cycling.
Soft Reboot: Graceful OS-level restart.
Resize: Changing the resource allocation of a VPS (scale up or down).
Vertical Scaling: Increasing resources on the same server.
Horizontal Scaling: Adding more servers to share the load.
Auto-scaling: Automatically adjusting resources based on demand.
Provisioning: Setting up and configuring a new server or VPS.
Deprovisioning: Dismantling and releasing a VPS.

Networking (VPS)

Private Network: Internal network between VPS instances not exposed to the internet.
Public IP: IP address accessible from the internet.
Floating IP / Elastic IP: IP that can be remapped between servers.
Port: Logical endpoint for network communication (e.g. port 80 for HTTP).
Firewall Rules: Network traffic rules (allow or deny by IP, port, protocol).
iptables: Linux kernel firewall utility.
nftables: Modern replacement for iptables.
UFW(Uncomplicated Firewall): Simplified iptables front-end for Ubuntu.
Network Interface: Virtual or physical connection point to a network.
MTU(Maximum Transmission Unit): Largest packet size a network can transmit.
Uplink: Connection from the server to the wider internet.
Ping: Network utility measuring round-trip time to a host.
Traceroute: Network diagnostic tool tracing the path packets take.
Anycast: Routing method sending traffic to the nearest server in a group.

Operating Systems

Ubuntu: Popular Debian-based Linux distribution.
Debian: Stable, community-driven Linux distribution.
CentOS: RHEL-based Linux distribution (now succeeded by AlmaLinux and Rocky Linux).
AlmaLinux: CentOS successor, RHEL-compatible.
Rocky Linux: Another CentOS successor.
RHEL(Red Hat Enterprise Linux): Commercial Linux distribution.
Fedora: Cutting-edge Red Hat-sponsored Linux distribution.
Arch Linux: Minimalist rolling-release Linux distribution.
FreeBSD: Unix-like OS known for stability and networking.
Windows Server: Microsoft's server operating system.
Kernel: Core of the operating system managing hardware resources.

Email Hosting

Protocols

SMTP(Simple Mail Transfer Protocol): Protocol for sending email between servers.
POP3(Post Office Protocol 3): Downloads email from server to client; usually deletes the server copy.
IMAP(Internet Message Access Protocol): Syncs email across devices; keeps messages on the server.
SMTP Relay: Service forwarding outgoing email on behalf of a sender.
STARTTLS: Command upgrading a plain-text connection to encrypted TLS.
SSL/TLS for Email: Encrypting email connections (ports 465, 993, 995).
Port 25: Default SMTP port (server-to-server).
Port 465: SMTP with SSL.
Port 587: SMTP submission port (client-to-server, with STARTTLS).
Port 993: IMAP with SSL.
Port 995: POP3 with SSL.
Port 143: IMAP without SSL.
Port 110: POP3 without SSL.

Email Authentication

SPF(Sender Policy Framework): DNS record listing servers authorized to send for a domain.
DKIM(DomainKeys Identified Mail): Cryptographic signature validating email authenticity.
DMARC(Domain-based Message Authentication, Reporting & Conformance): Policy defining how to handle SPF/DKIM failures.
ARC(Authenticated Received Chain): Preserves authentication results through forwarding chains.
BIMI(Brand Indicators for Message Identification): Displays brand logo in inbox when DMARC passes.
Email Header: Metadata included in an email showing routing and authentication info.
Return-Path: Email address used for bounce notifications.
Message-ID: Unique identifier assigned to each email message.

Anti-Spam & Security

Spam: Unsolicited bulk email.
Ham: Legitimate, non-spam email.
SpamAssassin: Open-source spam filtering platform.
Greylisting: Temporarily rejecting unknown senders; legitimate servers retry.
Bayesian Filtering: Statistical spam detection learning from marked messages.
Blacklist / Blocklist: List of IPs or domains known to send spam.
Whitelist / Allowlist: List of trusted senders bypassing spam filters.
RBL(Real-time Blackhole List): DNS-based list of known spam sources.
Phishing: Fraudulent email attempting to steal credentials or data.
Spoofing: Faking the sender address of an email.
Email Encryption: Securing message content in transit or at rest.
S/MIME: Standard for email encryption using certificates.
PGP / GPG(Pretty Good Privacy): End-to-end email encryption using key pairs.
TLS Encryption: Encrypts the connection between mail servers.
Email Signing: Attaching a cryptographic signature to verify sender identity.

Mailbox Management

Mailbox: Storage location for a user's email messages.
Email Account: A mailbox with associated credentials (e.g. user@example.com).
Email Alias: Alternative address forwarding to a real mailbox.
Email Forwarder: Automatically sends incoming email to another address.
Catch-All Address: Receives email sent to any address at a domain not otherwise defined.
Autoresponder: Automatic reply sent when email is received.
Out-of-Office Reply: Autoresponder used when away.
Email Quota: Storage limit for a mailbox.
Shared Mailbox: Mailbox accessible by multiple users.
Distribution List / Mailing List: Single address delivering email to a group of recipients.
Listserv: Software managing email mailing lists.
Email Migration: Moving email data between providers or platforms.

Delivery & Bounces

Bounce: Email returned to sender because delivery failed.
Hard Bounce: Permanent delivery failure (e.g. address doesn't exist).
Soft Bounce: Temporary delivery failure (e.g. mailbox full).
NDR(Non-Delivery Report): Notification informing sender that email wasn't delivered.
Deliverability: Likelihood that email reaches the recipient's inbox (not spam).
IP Reputation: Trustworthiness of a sending IP address.
Domain Reputation: Trustworthiness of a sending domain.
Email Warm-Up: Gradually increasing sending volume to build IP and domain reputation.
Deferred: Email queued for later delivery due to temporary server issues.

Email Clients & Platforms

Webmail: Browser-based email client (e.g. Roundcube, Horde).
Email Client: Desktop or mobile application for reading email (e.g. Outlook, Thunderbird).
Roundcube: Popular open-source webmail client.
Horde: Open-source webmail suite.
SquirrelMail: Lightweight legacy webmail client.
Microsoft Exchange: Enterprise email server platform.
Microsoft 365 / Office 365: Microsoft's cloud productivity suite including Outlook email.
Google Workspace: Google's business email and productivity platform (formerly G Suite).
Zimbra: Open-source email and collaboration platform.
Postfix: Open-source SMTP server software.
Sendmail: Legacy SMTP server software.
Dovecot: IMAP and POP3 server software.
Exim: MTA common on cPanel servers.
MTA(Mail Transfer Agent): Software routing email between servers.
MDA(Mail Delivery Agent): Software delivering email to a local mailbox.
MUA(Mail User Agent): Software used by end-users to read email.
CalDAV: Protocol for syncing calendars (often bundled with email hosting).
CardDAV: Protocol for syncing contact cards.

Domain Registration

Domain Basics

Domain Name: Human-readable address identifying a website (e.g. example.com).
URL(Uniform Resource Locator): Full web address including protocol (https://www.example.com/page).
URI(Uniform Resource Identifier): Broader identifier for any web resource.
TLD(Top-Level Domain): The rightmost segment of a domain (e.g. .com, .org, .net).
gTLD(Generic TLD): Non-country TLDs (e.g. .com, .net, .info, .biz).
ccTLD(Country Code TLD): Two-letter TLDs for countries (e.g. .uk, .de, .au).
sTLD(Sponsored TLD): Restricted TLDs for specific communities (e.g. .gov, .edu, .mil).
New gTLD: Post-2012 generic TLDs (e.g. .photography, .shop, .cloud).
SLD(Second-Level Domain): The part just left of the TLD (e.g. "example" in example.com).
Third-Level Domain: Domain one level left of the SLD (e.g. "www" or "blog").
Subdomain: Prefix of a domain (e.g. store.example.com).
IDN(Internationalized Domain Name): Domain containing non-ASCII characters.
Punycode: ASCII encoding of IDN labels (e.g. xn--nxasmq6b.com).

Registration & Transfers

Domain Registrar: Accredited company selling domain registrations (e.g. GoDaddy, Namecheap).
Registry: Organization managing a TLD's authoritative database (e.g. Verisign for .com).
ICANN: Overarching body governing domain names and IP address allocation globally.
Domain Registration: Claiming and paying for a domain name.
Domain Renewal: Extending a domain's registration before expiry.
Auto-Renew: Automatic renewal of a domain at expiry.
Domain Expiration: Date after which a domain lapses if not renewed.
Grace Period: Time after expiry during which the original owner can renew at normal cost.
Redemption Period: Time after grace period; domain can still be recovered at premium cost.
Domain Drop: When a domain fully expires and becomes available to the public.
Drop Catching: Attempting to register a domain the moment it is released.
Domain Backorder: Reserving a domain that is about to expire.
Domain Transfer: Moving a domain registration from one registrar to another.
EPP / Auth Code / Transfer Code: Secret code required to authorize a domain transfer.
Domain Lock / Registrar Lock: Prevents unauthorized transfers (recommended to keep enabled).
Domain Unlock: Temporarily removing the lock to initiate a transfer.
60-Day Lock: ICANN rule preventing transfer within 60 days of registration or recent transfer.
Registrant: The legal owner of a domain name.
WHOIS Contacts: The four registration contacts: Registrant, Admin, Tech, and Billing.

WHOIS & Privacy

WHOIS: Public database of domain registration information.
WHOIS Privacy / Domain Privacy: Service masking registrant info in WHOIS with the provider's info.
RDAP(Registration Data Access Protocol): Modern successor to WHOIS.
GDPR: EU privacy regulation reducing public WHOIS data visibility.

DNS (Domain Name System)

DNS(Domain Name System): System translating domain names to IP addresses.
DNS Resolution: The process of resolving a domain to its IP.
DNS Resolver: Server that queries DNS on behalf of clients.
Recursive Resolver: Resolver that queries multiple DNS servers to find the answer.
Authoritative Name Server: Server holding the definitive DNS records for a domain.
Nameserver(NS): Server directing DNS queries for a domain to the authoritative server.
DNS Zone: Administrative space defining DNS records for a domain.
Zone File: File containing all DNS records for a domain.
DNS Propagation: Time for updated DNS records to spread across global resolvers (up to 48 hours).
TTL (DNS): Time in seconds that a DNS record is cached before being refreshed.

DNS Record Types

A Record: Maps a domain to an IPv4 address.
AAAA Record: Maps a domain to an IPv6 address.
CNAME Record: Aliases one domain to another domain.
MX Record(Mail Exchanger): Specifies mail servers for a domain.
TXT Record: Stores arbitrary text; used for SPF, DKIM, DMARC, and site verification.
NS Record: Specifies authoritative name servers for a domain.
SOA Record(Start of Authority): Contains administrative info about the zone.
PTR Record (DNS): Maps an IP to a hostname (reverse DNS).
SRV Record: Specifies location of services (e.g. SIP, XMPP).
CAA Record(Certification Authority Authorization): Restricts which CAs can issue SSL certs for a domain.
DNSKEY Record: Holds a public key for DNSSEC.
DS Record: Delegation Signer record used in DNSSEC chains of trust.
NAPTR Record: Used in URI mapping (e.g. VoIP).

DNSSEC & Advanced DNS

DNSSEC(DNS Security Extensions): Adds cryptographic signatures to DNS to prevent tampering.
DNS Hijacking: Redirecting DNS queries to malicious servers.
DNS Spoofing / Cache Poisoning: Injecting false DNS data into a resolver's cache.
Anycast DNS: Using the same IP on multiple servers globally for fast DNS resolution.
GeoDNS: Returning different DNS responses based on requester's location.
Split-Horizon DNS: Returning different answers for internal vs. external queries.
Dynamic DNS(DDNS): Automatically updating a DNS record when an IP changes.

Domain Parking & Monetization

Domain Parking: Pointing a domain to a placeholder page, often with ads.
Domain Forwarding / Redirect: Automatically sending visitors from one domain to another.
URL Masking / Cloaking: Forwarding while keeping the original domain in the address bar.
301 Redirect: Permanent redirect; passes SEO value.
302 Redirect: Temporary redirect; does not pass SEO value.
Domain Auction: Marketplace for buying and selling domains.
Premium Domain: High-value domain commanding above-average prices.
Expired Domain: Domain no longer renewed by its owner.
Domain Flipping: Buying and selling domains for profit.
Domain Broker: Agent facilitating domain purchases and sales.
Domain Appraisal: Estimating a domain's market value.
Domain Portfolio: A collection of domain names owned by one entity.
Domain Squatting / Cybersquatting: Registering a domain in bad faith to sell it to the trademark holder.
UDRP(Uniform Domain-Name Dispute-Resolution Policy): ICANN process for resolving trademark disputes.
Domain Escrow: Third-party holding payment during a domain transaction.

WordPress Setup & Administration

Core Concepts

WordPress: Open-source CMS and website building platform.
WordPress.org: Self-hosted version of WordPress (requires your own hosting).
WordPress.com: Hosted version of WordPress managed by Automattic.
wp-config.php: Core configuration file containing database credentials and settings.
wp-content/: Directory containing themes, plugins, and uploads.
wp-admin/: URL path to the WordPress admin dashboard.
Dashboard: Main control interface for managing a WordPress site.
WordPress Loop: PHP code that retrieves and displays posts.
WordPress Codex / Developer Docs: Official documentation for WordPress.
WordPress Core: The foundational files and code of WordPress.
WordPress Multisite: Single WordPress installation supporting multiple sites.
Network Admin: Super-administrator managing a Multisite network.
WordPress REST API: API allowing external applications to interact with WordPress.
XML-RPC: Legacy remote procedure protocol in WordPress (largely replaced by REST API).
WP-CLI: Command-line tool for managing WordPress.
wp-cron: WordPress's built-in task scheduler (pseudo-cron).
WP_DEBUG: Constant enabling debug mode in WordPress.
WordPress Playground: Browser-based WordPress environment for testing.

Content & Structure

Post: Time-stamped piece of content (like a blog entry).
Page: Static content piece not organized chronologically.
Custom Post Type(CPT): User-defined content types beyond posts and pages.
Category: Hierarchical taxonomy for organizing posts.
Tag: Non-hierarchical taxonomy for labeling posts.
Taxonomy: Classification system for grouping content (includes categories, tags, and custom).
Custom Taxonomy: User-defined classification system.
Custom Field: Extra metadata attached to posts or pages.
Meta Box: UI element in the editor for adding custom fields.
Excerpt: Short summary of a post.
Permalink: Permanent URL for a post or page.
Slug: URL-friendly version of a title (e.g. "my-blog-post").
Featured Image: Primary image associated with a post or page.
Shortcode: Bracketed code snippets that output dynamic content (e.g. [gallery]).
Attachment: Media file uploaded to WordPress and attached to content.
Revision: Saved draft version of a post or page enabling rollback.
Post Status: State of content (Draft, Published, Pending, Private, Trash).
Scheduled Post: Content set to publish automatically at a future date or time.
Sticky Post: Post pinned to the top of the blog listing.
Comment: Reader response attached to a post.
Pingback / Trackback: Notifications between WordPress sites when linking.
Reading Settings: Controls what's shown on the homepage (latest posts vs. static page).

Themes & Design

Theme: Collection of files controlling a site's visual presentation.
Child Theme: Theme inheriting from a parent theme, allowing safe customizations.
Parent Theme: Theme providing default functionality a child theme extends.
Theme Directory: Official repository at wordpress.org/themes.
Block Theme: Modern theme built for Full Site Editing.
Classic Theme: Traditional PHP-template-based theme.
Theme Customizer: Interface for live-previewing theme changes.
Full Site Editing(FSE): WordPress feature allowing editing of the entire site via blocks.
Template: File defining the layout for a type of page (single.php, archive.php, etc.).
Template Hierarchy: WordPress's priority-based system for loading the correct template.
Template Part: Reusable section of a template (e.g. header, footer).
functions.php: Theme file for adding WordPress functionality and customizations.
style.css: Theme's main stylesheet containing header information.
header.php / footer.php: Template files for site header and footer sections.
sidebar.php: Template file for sidebar content.
index.php (theme): Fallback template file required in all themes.

Block Editor (Gutenberg)

Block Editor / Gutenberg: WordPress's default visual editor since version 5.0.
Classic Editor: Pre-Gutenberg WYSIWYG editor (available via plugin).
Block: Individual content unit in the block editor (paragraph, image, heading, etc.).
Block Pattern: Pre-designed group of blocks for quick insertion.
Block Library: Collection of available blocks.
Reusable Block / Synced Pattern: Block saved for reuse across multiple pages.
Inner Blocks: Blocks nested within a container block.
Full Width Block: Block spanning the entire viewport width.
Wide Width Block: Block extending beyond the content column.
Global Styles: Site-wide design settings in FSE themes.
Site Editor: Interface for editing all parts of a site in block themes.
Query Loop Block: Block dynamically displaying posts based on query parameters.

Plugins

Plugin: Extension adding functionality to WordPress.
Plugin Directory: Official repository at wordpress.org/plugins.
Must-Use Plugin(MU Plugin): Automatically active plugin in the mu-plugins directory.
Drop-in Plugin: File placed in wp-content/ to override core functionality.
Activation Hook: Code run when a plugin is activated.
Deactivation Hook: Code run when a plugin is deactivated.
Uninstall Hook: Code run when a plugin is deleted.
Plugin Conflict: When two plugins interfere with each other's functionality.
Elementor: Popular drag-and-drop page builder plugin.
Divi: Premium page builder and theme by Elegant Themes.
WooCommerce: WordPress eCommerce plugin.
Yoast SEO: SEO optimization plugin.
Rank Math: Alternative SEO plugin.
Jetpack: Automattic's feature suite for WordPress.org sites.
Contact Form 7: Simple contact form plugin.
Gravity Forms: Advanced form builder plugin.
WPForms: User-friendly form builder plugin.
Ninja Forms: Another form builder plugin.
Akismet: Spam protection for comments.
Wordfence: WordPress security plugin with firewall and malware scanner.
Solid Security: Security hardening plugin (formerly iThemes Security).
Sucuri: Website security and monitoring plugin / service.
WP Rocket: Premium caching and performance plugin.
W3 Total Cache: Free caching plugin.
WP Super Cache: Caching plugin by Automattic.
LiteSpeed Cache: Caching plugin optimized for LiteSpeed servers.
UpdraftPlus: Backup and restore plugin.
BackupBuddy: Premium backup plugin.
Advanced Custom Fields(ACF): Powerful custom fields plugin.
WPML: WordPress multilingual plugin.
Polylang: Free multilingual plugin alternative.
BuddyPress: Social networking plugin for WordPress.
bbPress: Forum plugin for WordPress.
The Events Calendar: Event management plugin.
WP Mail SMTP: Fixes WordPress email delivery issues.

Users & Roles

User: Registered account on a WordPress site.
Role: Set of permissions assigned to a user.
Administrator: Full access to all site settings and content.
Editor: Can manage all posts and pages.
Author: Can write and publish their own posts.
Contributor: Can write posts but not publish them.
Subscriber: Can only manage their own profile.
Super Admin: Administrator of an entire Multisite network.
Capability: Individual permission (e.g. edit_posts, manage_options).
User Meta: Additional data fields stored for a user.

Performance & Database

WordPress Database: MySQL / MariaDB database storing all content and settings.
Database Prefix: Prefix for WordPress database tables (default: wp_).
Object Cache: Caching mechanism for database query results in memory.
Page Cache: Storing rendered HTML pages for faster delivery.
Fragment Caching: Caching specific parts of a page.
Transient: Temporary cached data stored in the WordPress database.
WordPress Memory Limit: PHP memory allocated to WordPress (set in wp-config.php).
Heartbeat API: WordPress mechanism for regular server communication in the admin.
Database Optimization: Cleaning up drafts, revisions, transients, and overhead.

Development & Deployment

Hook: WordPress mechanism for adding or modifying functionality (actions and filters).
Action: Hook allowing code to run at a specific point in WordPress execution.
Filter: Hook allowing modification of data before it's used or displayed.
do_action(): Function triggering an action hook.
apply_filters(): Function triggering a filter hook.
WordPress Nonce: Security token preventing CSRF attacks in forms.
Staging Environment (WP): Clone of a site for testing before pushing changes to production.
Child Theme Development: Best practice for safe theme customization.
WPCS(WordPress Coding Standards): Coding conventions for WordPress development.
PHP Version Compatibility: Ensuring plugins and themes work with the server's PHP version.
wp-config Constants: Configuration options defined in wp-config.php (e.g. WP_DEBUG, DISALLOW_FILE_EDIT).

Website Building

Languages & Standards

HTML(HyperText Markup Language): Language defining the structure of web pages.
CSS(Cascading Style Sheets): Language controlling the visual presentation of web pages.
JavaScript(JS): Scripting language adding interactivity to web pages.
TypeScript: Typed superset of JavaScript.
HTML5: Current major version of HTML.
CSS3: Current major version of CSS.
ES6 / ES2015+: Modern JavaScript syntax and features.
JSON(JavaScript Object Notation): Lightweight data interchange format.
XML(Extensible Markup Language): Data format used in sitemaps, feeds, and APIs.
DOM(Document Object Model): Programming interface representing an HTML document.
SASS / SCSS: CSS preprocessor adding variables, nesting, and mixins.
LESS: Another CSS preprocessor.

Frameworks & Libraries

jQuery: Widely used JavaScript library simplifying DOM manipulation.
Bootstrap: CSS / JS framework for responsive design with pre-built components.
Tailwind CSS: Utility-first CSS framework.
Foundation: Responsive front-end framework.
React: JavaScript library for building user interfaces (Meta).
Vue.js: Progressive JavaScript framework for UIs.
Angular: Full-featured JavaScript framework (Google).
Svelte: Component framework compiling to vanilla JS.
Next.js: React framework with SSR / SSG capabilities.
Nuxt.js: Vue.js framework equivalent to Next.js.
Gatsby: Static site generator based on React.
Astro: Modern framework for content-focused sites.
Eleventy(11ty): Simpler static site generator.
Hugo: Fast static site generator written in Go.

Design & UX Concepts

Responsive Design: Design adapting layout to any screen size.
Mobile-First Design: Designing for mobile screens before scaling up to desktop.
Adaptive Design: Serving different layouts for specific screen sizes.
UX(User Experience): Overall experience of a person using the website.
UI(User Interface): Visual elements users interact with.
Wireframe: Low-fidelity layout sketch showing structure without design detail.
Mockup: High-fidelity static design representation.
Prototype: Interactive model simulating the final product.
Style Guide: Document defining design standards for a project.
Design System: Reusable components and patterns for consistent UI.
Breakpoint: Screen width at which the layout changes.
Viewport: Visible area of a web page in the browser.
Grid System: Structure dividing a layout into columns and rows.
CSS Grid: CSS layout system for two-dimensional grids.
Flexbox: CSS layout system for one-dimensional rows or columns.
Media Query: CSS technique applying styles based on screen size or features.
White Space / Negative Space: Empty space used intentionally in design.
Color Palette: Set of colors used consistently throughout a site.
Typography: Art of arranging type; fonts, sizes, spacing, and hierarchy.
Font: A specific style within a typeface.
Google Fonts: Free font library for web use.
Web-Safe Fonts: Fonts available on virtually all devices.
Variable Font: Font with adjustable attributes (weight, width) in a single file.
Favicon: Small icon shown in the browser tab and bookmarks.
Hero Section: Prominent top area of a page, usually with a headline and CTA.
CTA(Call to Action): Button or link prompting a specific user action.
Above the Fold: Content visible without scrolling.
Landing Page: Standalone page designed for a specific marketing goal.
Conversion: When a visitor completes a desired action.
A/B Testing: Comparing two versions of a page to see which performs better.
Heatmap: Visual representation of where users click or scroll.
Session Recording: Recording of a user's interaction with the site.
Accessibility(a11y): Designing sites usable by people with disabilities.
WCAG(Web Content Accessibility Guidelines): Standards for web accessibility.
ARIA(Accessible Rich Internet Applications): HTML attributes improving accessibility.
Alt Text: Text description of an image for screen readers and SEO.

Page Components & Elements

Navigation Menu: Links helping users move around the site.
Mega Menu: Large dropdown navigation with multiple columns.
Sticky Header: Header that remains visible while scrolling.
Footer: Bottom section of a webpage with links and contact info.
Sidebar: Side column with supplementary content or widgets.
Breadcrumb: Navigation trail showing page hierarchy.
Pagination: Dividing content across multiple pages.
Slider / Carousel: Rotating display of images or content.
Gallery: Collection of images displayed in a grid.
Lightbox: Image or content viewer overlaying the current page.
Modal / Popup: Overlay window requiring interaction before proceeding.
Tooltip: Small informational label appearing on hover.
Accordion: Expandable / collapsible content sections.
Tab: UI element switching between different content panels.
Parallax Effect: Background scrolling slower than foreground for depth effect.
Lazy Loading: Deferring loading of off-screen images and content until needed.
Infinite Scroll: Automatically loading more content as the user scrolls down.
Progress Bar: Visual indicator of completion or loading status.
Badge: Small visual label indicating status or count.
Card: Box containing grouped information about a single item.
404 Page: Error page shown when a requested page is not found.
503 Page: Error page shown when the server is temporarily unavailable.
Thank You Page: Page shown after form submission or purchase.
HTML Sitemap: Human-readable list of pages on a site.
Robots.txt: File instructing search engine crawlers which pages to index.
Cookie Banner / Consent: Notice informing users about cookies for GDPR / CCPA compliance.

Page Builders & Website Builders

WYSIWYG(What You See Is What You Get): Editor displaying content as it will appear.
Drag-and-Drop Builder: Visual interface for arranging page elements.
Wix: Hosted website builder platform.
Squarespace: Hosted website builder with design-focused templates.
Weebly: Drag-and-drop website builder.
Shopify: E-commerce platform and website builder.
Webflow: Visual web design tool generating clean code.
Framer: Design-to-code tool for interactive sites.
Ghost: Publishing-focused CMS (alternative to WordPress).
Joomla: Open-source CMS (WordPress alternative).
Drupal: Enterprise-level open-source CMS.

Performance & Optimization

Page Speed: How quickly a page loads for users.
Core Web Vitals: Google's set of user-experience metrics.
LCP(Largest Contentful Paint): Time to render the largest visible content element.
FID(First Input Delay): Time from first interaction to browser response.
INP(Interaction to Next Paint): Replaced FID; measures responsiveness.
CLS(Cumulative Layout Shift): Measures unexpected layout movement.
TTFB(Time to First Byte): Time from request to first byte received from server.
FCP(First Contentful Paint): Time to first visible content on screen.
Minification: Removing unnecessary characters from code to reduce file size.
Compression: Reducing file sizes for transfer (Gzip, Brotli).
Image Optimization: Reducing image file sizes without visible quality loss.
WebP: Modern image format offering better compression than JPEG / PNG.
AVIF: Next-gen image format with superior compression.
SVG(Scalable Vector Graphics): Vector image format scaling without quality loss.
Code Splitting: Breaking JS bundles into smaller chunks loaded on demand.
Tree Shaking: Removing unused code from JavaScript bundles.
Preloading: Hinting to the browser to fetch critical resources early.
Prefetching: Loading resources likely needed for the next page.
Critical CSS: Inlining the CSS needed for above-the-fold rendering.
Async / Defer: Attributes controlling how JavaScript files are loaded.
HTTP/2: Protocol improving loading by multiplexing requests.
HTTP/3 / QUIC: Faster, more reliable successor to HTTP/2.
PWA(Progressive Web App): Web app providing near-native mobile experience.
Service Worker: Script enabling offline functionality and background sync in PWAs.
Web App Manifest: JSON file defining PWA appearance and behavior.

SEO (Search Engine Optimization)

SEO: Practice of improving website visibility in search engine results.
On-Page SEO: Optimizing content and HTML on individual pages.
Off-Page SEO: Building authority through external factors such as backlinks.
Technical SEO: Optimizing site infrastructure for crawlability and indexability.
Meta Title: Page title shown in browser tabs and search results.
Meta Description: Short page summary shown in search results.
Canonical Tag: HTML tag specifying the preferred version of a page.
Open Graph Tags(OG): Meta tags controlling appearance when shared on social media.
Twitter Card: Meta tags controlling appearance when shared on X (Twitter).
Schema Markup / Structured Data: Code helping search engines understand content.
Rich Snippet: Enhanced search result with extra info (ratings, prices, etc.).
XML Sitemap: File listing all pages for search engines to crawl.
Crawlability: How easily search engines can discover and index a site.
Indexability: Whether search engines can add a page to their index.
Noindex: Meta tag or HTTP header telling search engines not to index a page.
Nofollow: Link attribute telling search engines not to pass authority.
Backlink: Link from another website to yours.
Domain Authority(DA): Third-party metric predicting a site's search ranking potential.
PageRank: Google's original algorithm for measuring page authority.
Keyword: Word or phrase users search for in search engines.
Long-Tail Keyword: Specific, lower-volume search phrase.
SERP(Search Engine Results Page): The page of results returned by a search engine.
CTR(Click-Through Rate): Percentage of users clicking a result in search.
Bounce Rate: Percentage of visitors leaving after viewing only one page.
Dwell Time: How long a user stays on a page from search results.

Analytics & Tracking

Google Analytics(GA4): Web analytics platform tracking visitor behavior.
Google Search Console: Tool monitoring a site's performance in Google Search.
Google Tag Manager(GTM): Tool managing tracking scripts without editing code.
Pixel: Tracking snippet (e.g. Meta Pixel for Facebook ads).
UTM Parameters: Tags added to URLs to track marketing campaign performance.
Conversion Tracking: Measuring when visitors complete a goal.
Funnel: Sequence of steps tracking a visitor toward a conversion.
KPI(Key Performance Indicator): Metric used to measure success.

Security (Web)

CORS(Cross-Origin Resource Sharing): Browser security policy for cross-domain requests.
CSP(Content Security Policy): HTTP header restricting resource loading to trusted sources.
XSS(Cross-Site Scripting): Attack injecting malicious scripts into web pages.
CSRF(Cross-Site Request Forgery): Attack tricking users into unintended actions.
SQL Injection: Attack inserting malicious SQL code into input fields.
Clickjacking: Tricking users into clicking hidden elements.
Rate Limiting: Restricting the number of requests a user can make in a time period.
CAPTCHA / reCAPTCHA: Challenge preventing automated bot submissions.
PCI DSS Compliance: Payment Card Industry Data Security Standards.
CCPA(California Consumer Privacy Act): California data privacy law.
Cookie: Small data file stored in the browser by a website.

Development Workflow

Local Development: Building a site on your own computer before deploying.
XAMPP / MAMP / WAMP: Local server environments for PHP / MySQL development.
Docker (Dev): Containerized local development environments.
Localhost: Your local computer accessed as a server.
Version Control: System tracking changes to code over time.
Git: Distributed version control system.
GitHub / GitLab / Bitbucket: Platforms for hosting Git repositories.
Repository(Repo): Collection of project files tracked by Git.
Branch: Parallel version of a codebase for isolated development.
Merge: Combining changes from one branch into another.
Pull Request / Merge Request(PR / MR): Proposed code change awaiting review.
CI/CD(Continuous Integration / Continuous Deployment): Automated testing and deployment pipeline.
Staging Environment: Test site mirroring production for safe testing.
Production Environment: Live, public-facing website.
Deployment: Process of publishing code changes to the live server.
npm / Yarn / pnpm: JavaScript package managers.
Webpack / Vite / Parcel: JavaScript bundlers and build tools.
Linting: Automated checking of code for errors and style issues.
Code Review: Peer examination of code before merging.
API(Application Programming Interface): Interface allowing systems to communicate.
REST API: Architecture for web APIs using HTTP methods.
GraphQL: Query language and API alternative to REST.
Webhook: HTTP callback triggered by an event in another service.
iframe: HTML element embedding another webpage inside the current page.
Embed Code: Snippet of HTML pasting third-party content into a page.
Headless CMS: CMS delivering content via API, decoupled from the front-end.
Jamstack: Architecture using JavaScript, APIs, and Markup for fast, secure sites.
SSR(Server-Side Rendering): Generating HTML on the server per request.
SSG(Static Site Generation): Pre-building HTML files at build time.
CSR(Client-Side Rendering): Rendering pages in the browser via JavaScript.
ISR(Incremental Static Regeneration): Rebuilding static pages on demand in the background.

E-Commerce

Shopping Cart: System allowing users to select and purchase multiple items.
Payment Gateway: Service processing online payments (e.g. Stripe, PayPal).
Merchant Account: Bank account for receiving online payments.
Checkout Flow: Steps a customer takes to complete a purchase.
SKU(Stock Keeping Unit): Unique identifier for a product variant.
Product Catalog: Collection of products available for sale.
Inventory Management: Tracking product stock levels.
Abandoned Cart: When a customer adds items but doesn't complete purchase.
Upsell / Cross-sell: Suggesting higher-value or related products.
Coupon / Discount Code: Code reducing the price at checkout.
Order Management: Processing, tracking, and fulfilling customer orders.
Fulfillment: Process of shipping products to customers.
Dropshipping: Selling products without holding inventory.
Subscription / Recurring Billing: Charging customers on a regular schedule.
Refund / Chargeback: Returning money to a customer or forced reversal by a bank.

Sources

Definitions throughout this glossary are paraphrased from the following authoritative organizations and documentation projects. Where a single term is governed by a specific specification (e.g. SPF, DKIM, DMARC, DNS records), that specification's IETF RFC is the primary source.

MDN Web Docs
HTML, CSS, JavaScript, HTTP, DOM, security headers, web APIs.
ICANN
Domain registrar/registry policy, UDRP, transfer rules, WHOIS/RDAP.
IANA
TLD registry, port number assignments, root zone management.
IETF RFCs
Authoritative protocol definitions — SMTP, IMAP, DNS, HTTP, TLS, SPF, DKIM, DMARC.
WordPress.org Developer Resources
Themes, blocks, hooks, REST API, WP-CLI, multisite.
Google web.dev
Core Web Vitals (LCP, INP, CLS), performance, PWAs, modern web standards.
Google Search Central
Canonical tags, structured data, robots.txt, sitemaps, indexing.
Cloudflare Learning Center
CDN, DNS, DDoS, edge computing, TLS, BGP, networking primers.
schema.org
Structured data vocabulary, including DefinedTerm and DefinedTermSet.
Let's Encrypt Documentation
Free TLS certificate issuance and CA terminology.
W3C / WCAG
Web Content Accessibility Guidelines and ARIA reference.
OWASP
Web application security — XSS, CSRF, SQL injection, CSP best practices.
M3AAWG
Email deliverability, anti-abuse, sender reputation guidelines.
cPanel Documentation
cPanel & WHM administration terminology.

This glossary is provided for general educational reference. Where definitions differ across the industry, we have chosen the meaning most commonly used by web hosting providers, registrars, and CMS communities in 2026.