ModSecurity Solutions

Secure Your Web Applications With ModSecurity Rules and WAF From Atomicorp

A web application firewall (WAF) capability provides defense of websites and web applications from hackers and malware by filtering and monitoring HTTP traffic between a web app and the Internet. The WAF protects against a variety of application layer attacks including credential theft, code injection, cross-site scripting (XSS), cookie poisoning, CSRF, SQL injection, DoS, ransomware, and more. ModSecurity, sometimes referred to as ModSec, is an open-source web security framework that when combined with rules allows users to build WAFs for free.

Atomicorp offers three solutions for your ModSecurity and WAF needs ranging from free ModSecurity rules to commercial turnkey WAF virtual appliances:

Angled border

Free ModSecurity Rules


For technical security engineers who have zero or limited budget and want to dabble in harnessing the power of the ModSec WAF rule set.


Atomic ModSecurity Rules


Also for technical security engineers, who want use of thousands of web application security rules, virtual patching, and get expert support for effective deployment of the rules, particularly in conjunction with cPanel and Plesk web hosting panel environments.

Available for only $225 per server per year. Bulk pricing is available for larger installations. Need it for proxy servers? Contact sales about our proxy version of Atomic ModSecurity Rules.


Atomic WAF


For enterprise users who want to use ModSecurity Rules with a graphical user interface (GUI) and management console to protect and govern their web entities, with support for content management systems such as Drupal and WordPress.

Atomic WAF is ready at only $300 per server per year (minumum of 5 licenses). Bulk pricing is available for larger installations. Ask for a bulk pricing quote.


Trustwave Discontinues ModSecurity Support

Trustwave announced in August 2021 that it would no longer be supporting ModSecurity. Trustwave also set a date for end-of-support for its ModSecurity rule set. The move leaves Atomicorp as the primary commercial ModSecurity rules provider in the industry. Atomicorp will continue its 17-year commitment to the still quite active ModSec user community.

“We’ve been with ModSecurity the longest – since the very beginning – and we are committed to continue to enthusiastically support it for the foreseeable future. We are more than happy to support Trustwave ModSecurity users, whether they wish to keep the Trustwave rules or upgrade to an Atomicorp commercial rules feed.” — Michael Shinn, the founder and CEO of Atomicorp.

Read the press release.

ModSecurity Webinar

ModSecurity Comparison

Feature Free ModSecurity Rules Atomic ModSecurity Rules Atomic WAF
Cost Free $225 per server per year. Bulk discounts avail. $300 per IP/Server. Bulk discounts avail.
Enterprise-level Support      
Number of Rules Hundreds Thousands Thousands
Supports Unlimited Custom Rules      
Update Frequency Periodically Daily Daily
Response Time for False Positives Community support Within the hour Within the hour
Support Model Community 24/7/365 24/7/365
Basic Attack Blocking      
Scanner Blocker      
Proxy Abuse      
Custom White/Blacklists      
Supports Third Party RBLs      
Easy Geoblocking      
Virtual Patches      
PageRank Protection      
Brute Force Attacks      
Advanced Attacks Blocked (SSRF, XXE)      
Data Loss Prevention      
Realtime Malware Protection      
Content Scraping Protection      
Layer 7 DOS Protection      
Realtime Malware Removal System      
Automatic Whitelisting      
Machine Learning      
AntiSpam Protection      
Real Time Threat Intelligence      
Management Console      
Rules Editing Command Line Command Line GUI
Management Reports      
Compliance Reports      
Role based access control GUI      
MFA SSO integration in GUI      
Cloudflare Integration      
Included Software Rules only Modsecurity, Rule Updater, Rules, Libraries Modsecurity, Rule Updater, Rules, Libraries, Full management GUI and CWPP for appliance
Setup Process Manual One Step Automated One Step Automated
Update Process Manual Automated Automated

Read Our Solution Brief for WAF and Web Application Security

Attacks come virtually, across the cloud and internet, putting your communicative web entities at risk. Secure your web servers, websites, endpoints, and data, with Atomicorp zero trust cloud workload protection and ModSecurity WAF.

Read the Atomicorp ModSecurity Rules and WAF solution brief.

Angled border

Request a Demo