Webscale One CloudOps Plans 

Software and services for ecommerce businesses of all sizes


Webscale One plans empower merchants, and their developers, with the world’s most advanced suite of software and services to manage, accelerate and secure their storefronts. Whether you’re looking to bring your own cloud environment and manage it yourself, or you’d like us to allocate and manage the resources for you – Webscale has a solution to fit.


Perfect for simple, non-customized storefronts, or developers needing a hosted test environment, providing entry-level security, and 100% availability.


  • Webscale Data Plane
  • Predictive Auto-scaling
  • Load Balancing
  • DDoS Protection
  • Level 1 Origin Protection


As your business grows, so do your infrastructure demands. The Advanced plan offers merchants enhanced security and performance features, as well as actionable insights.

  • All Base plus*:
  • Dynamic Site Cache
  • Basic WAF
  • Content Security Policies
  • Ecommerce Analytics

*Excludes Hosting and Support

Compare Plans





Performance & Delivery

Predictive Auto-scaling N N N N
Self-healing N N N N
Load Balancing N N N N
Elastic Data Plane Shared Shared Shared Dedicated
CDN Basic Basic Advancedi Advancedi
Application Hostnames 2 5 20 40i
Data Transfer (included) 50GB 250GB 500GB 1000GBi
Dynamic Site Cache M 1GB 5GB 10GB
Dynamic Site Cache Rules M 1 5 10
Custom Web Controls M 10 20 100
Site Splicing M M N N
Custom Microsites M 1 up to 5MB 5 up to 20MB 10 up to 50MB
Edge Compute M M N N
Serverless Compute M M N N
Compute Invocations M M 5M/month 10M/month
Image Optimization 20K/month 100K/month 200K/month 500K/monthi


Origin Protection (App Shield) Level 1i Level 2i Level 2i Level 3i
Bring your own SSL certificate N N N N
Geo-blocking N N N N
DDoS Protection N N N N
Origin Certificates N N N N
Rate Limiting M Basic Basic Advancedi
Bot Challenge M M N N
WAF (WAAP) Basic Basic Advancedi Advancedi
OWASP Protection M N N N
Role-based Access Control M M N N
Carding Attack Protection (CAP) M M N N
Trusted Proxies M M M N
Secure Access M M M N
Data Loss Prevention M M M N


Traffic Viewer 1 day 1 week 2 weeks 1 month
Audit Logs M N N N
Session Tracking M N N N
Real User Monitoring (RUM) M N N N
Additional Online Logs M M N N
Archived Logs M N N N
Monitors (included) M 5 10 50
Custom Log Capture M M Ni Ni
Custom Metrics M M N N

Environments For customers selecting the Cloud Hosting add-on service only.
Additional environments may be setup and use allocated resources, but are not managed unless indicated.

Production Environment N N N N
Dev Environment M N N N
Cron/NFS Single Server M N N N
Staging Environment M M N N
Testing Environment M M N N
Server-based Container M M N N
PWA Environment M M N N
Static Java Script Container M M N N
Dedicated Environment* M M M N
Demo Pricing Pricing Pricing

*Requires Managed Services Level Support

The hostnames to which an application responds. Some applications have additional hostnames.
The Webscale Data Plane is an intermediary between web browsers and your application components. A shared data plane accesses your application through IP addresses that are socialized with other applications. A dedicated data plane has addresses that are unique to your application.
Actively distribute requests across application servers to ensure that all servers are facilitating the delivery of the application. Automatically route around servers that are experiencing performance or availability issues.
When data is sent from a Webscale data plane or from a CDN to a web browser, the amount of data transferred is measured. This is called Data Transfer and is usually measured in gigabytes (1 billion bytes).
Webscale’s unique Predictive Auto-scaling leverages automation and predictive analytics to increase or decrease the capacity of your application resources as needed to maintain consistent performance without over-allocation.
An extension to auto-scaling that ensures that application components that have failed are promptly replaced to avoid timeouts and error pages.
The Webscale CDN is a set of servers located throughout the world that allow for cacheable content to be delivered from a location closest to your website’s visitors, making your site faster and decreasing the load on your application servers.
Site Cache is located in the Webscale Data Plane and provides an extremely fast cache near your application servers. Combined with the Webscale CDN, it can reduce the load on your application servers to a fraction of what it would otherwise be.
Site Cache is configured by rules that decide what is cacheable and what is not. Rules can also specify how long items may be cached and on which browser. Request characteristics are used to identify cache entries, allowing for caching multiple versions of the same resource targeted for different browsers and user states (for example, logged in or not logged in).
Web Controls is a DIY policy and rules engine impacting site security and performance, available inside the Webscale Portal. A Web Control is a set of conditions combined with a set of actions that can run whenever a request is proxied by the Webscale Data Plane. They allow you to change requests and responses and affect how requests are processed in a very flexible way.
Site Splicing allows for combining multiple components, such as microsites, backends, canned content, and more into a single site, allowing each of your components to be responsible for a single purpose.
Webscale allows you to inject content into your microsite without making any changes to the application components. With PWA or headless applications, it is possible to serve your application entirely from one or more microsites, depending on the needs of your application.
In combination with the Webscale CDN, allows for deployment of serverless application components that run near your site’s users to deliver high performance.
Allows offloading application code to the Webscale Data Plane, removing the need to run servers and enabling a variety of deployment options.
When a request is satisfied by a serverless compute function, the use of the function is called an invocation. An invocation consumes resources and so each plan includes a finite number of invocations.
Automated image management ensures online buyers receive the right image for their specific device, every time, and ideally always from the cache closest to the end user.
As the Webscale Data Plane sits between your customers and your application components, the latter are no longer directly exposed to the internet. Additionally, application shielding can be used to manage a cloud provider security group or firewall to prevent unauthorized requesters from any direct access to your servers.
The Webscale security platform automatically obtains and renews site certificates so that HTTPS is always functional. If you add a new hostname, it will automatically adjust.
Many customers have premium certificates that wish to continue using on our platform. The Webscale dataplane supports management of one or more certificates alongside our Auto HTTPS feature to ensure that every deployed domain is secure and that an expired certificate will not be a customer facing issue.
Requests are automatically geo-located to their origin country. You can configure rules in Web Controls to only allow access from certain countries or block access for other countries.
Automatic protection of your site is always on by limiting the maximum number of concurrent requesters that can be active at a time. Dynamic address sets are used to block repeat requesters. Predictive Auto-scaling of the Webscale Data Plane absorbs the attacks.
Complete over-the-top support for CSP that is independent of your application implementation, providing additional protection and control. By separating the statement of what your site is allowed to use from the site itself, an attacker is unable to inject attacks into your site and succeed.
Basic: Requests to your site from a single requester are automatically rejected for a blocking period if they exceed a certain built-in rate.
Advanced: Different rates can be configured for different parts of your site, along with configurable blocking periods.
Separate legitimate bots from bad bots using Webscale-provided Address Sets, dynamically updated every five minutes. The Webscale Bot Manager automatically detects and categorizes malicious bot behavior.
Using multiple technologies, stops automated attacks against your site while still allowing humans through.
The Cloud WAF protects your application by examining HTTP requests and blocking or modifying those that are malicious.
Basic: Automatically blocking known attack signatures.
Advanced: Allows for configuration of custom conditions that can identify more advanced attacks.
Automated protection for applications from the most common vulnerabilities, such as SQL Injections, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other OWASP Top 10 threats.
Issues long-lasting certificates to protect communication from the Webscale Data Plane to your application servers, avoiding frequent maintenance and application downtime. When publicly trusted certificates are used, they can expire unexpectedly, leading to application downtime.
When managing your application configurations and other resource definitions, Role-based Access Control gives you fine-grained control of how you assign permissions to users.
Using knowledge of user behavior on ecommerce sites, CAP recognizes and stops carding attacks before they happen.
Sometimes, achieving all the functionality of your site requires engaging another technology that sits in front of the Webscale Data Plane. To correctly identify requests that occur through such a technology, it can be registered as a Trusted Proxy, and it is possible to limit access to your site that all requests must come from a Trusted Proxy.
The ability to enable role based permissions to sections of your application to protect access from the general internet.
Exfiltration of data from your site is prevented by limiting access or the number of requests that can occur to sensitive parts of your site.
Logs that record who made what changes to configurations and access.
Automatically tracks user sessions without any additional technology. Makes session IDs available in the Webscale Traffic Viewer so that the requests belonging to a session can be analyzed.
Automatically collects performance data from your site user’s browser, making it easier to tune your Core Web Vitals and gain a better understanding of how code changes to your site affect performance.
Available within the Webscale Portal, it allows for detailed, real-time view of CDN requests, requests to your application servers, requests handled by the Webscale Data Plane, events generated by your application monitors, configuration changes, and custom logs from your application.
All online logs are viewed using the Webscale Traffic Viewer. Storage for online logs is billed per GB and the duration of online logs can be configured for each application and account.
Logs that are no longer required to be viewed in the Webscale Traffic Viewer but should still be retained for audit purposes can be archived. Archived Logs are available for download via API calls. Storage for Archived Logs is billed per GB and the duration of Archived Logs can be configured for each application and account.
A Monitor is a configurable observer of some component of your application, and is used to notify you or take action when some condition is met. For example, you can configure a Monitor that notifies you when your average response time for critical pages is over a certain threshold.
Custom Log Capture is a feature of the Webscale Monitoring Agent (WMA) that is also used to capture information about your application servers for auto-scaling. Logs can be captured from files in real-time and are stored as online custom logs that are then made available via the Webscale Traffic Viewer.
Allows for synthetic tests to be configured by Webscale personnel that can then be run by the merchant at any time. A report is produced for each test and can be used to evaluate performance, correct function, and scalability. For Hosted Customers Only.
Provides a range of services that bridge the gap between development and infrastructure, including pre-launch review of platform upgrades, assistance with application functionality and multi-store configuration. For Hosted Customers Only.
One-time assistance to identify hard-to-troubleshoot problems, and provide specific remediation. Services include running a New Relic / Blackfire profiler, reviewing error logs, problem database queries and specific areas of code causing slowness or errors. For Hosted Customers Only.
Fully managed hosting on any public cloud and for any ecommerce platform. Unlimited, real-time, predictive auto-scaling and right-sized hosting infrastructure ensuring the lowest cost and highest ROI. Add-ons for 360-degree security, and automated site performance optimization.
When additional control is required beyond a CDN or Edge Compute, the Webscale Data Plane can be deployed into multiple regions and a merchant will use the one closest to it. This allows for distributed Site Cache and Web Controls, increasing performance to multiple locations.

Add-on Services

Cloud Hosting

  • Included with Base plan; optional for Advanced, Premier and Ultra plans
  • Your application deployed in AWS, Google Cloud, Azure or any other public cloud service provider
  • Unlimited, real-time, predictive auto-scaling and right-sized hosting infrastructure ensuring the lowest cost and highest ROI
  • Free migration to the Webscale One platform; auto-provisioning systems to prevent human errors common with manual traditional hosting providers
  • Plans priced based on consumption of resources

Learn More

DevOps Support

  • Pre-launch review for application upgrades
  • Assistance with application functionality
  • Multi-store configuration assistance
  • Assistance with PWA demo installation
  • Webscale approved application patch installs & recommendations
  • Application tracing
  • Suitable for all Webscale software plans

Learn More

Code and Infrastructure Review

  • Provide specific remediation
  • Investigate specific problem or bug
  • New Relic / Blackfire Profiler
  • Review of error logs
  • Review problem database queries
  • Provide specific areas of code causing slowness or errors
  • Full malware scan
  • Suitable for all Webscale software plans

Learn More

Application Load Testing

  • Full environment replication
  • Post deployment load testing against cloned production environment
  • Customized testing plan to best simulate real user load
  • Submission of test orders to fully flush out checkout issues
  • Suitable for all Webscale software plans

Learn More