ModSecurity Solutions

Secure Your Web Applications With ModSecurity Rules and WAF From Atomicorp

A web application firewall (WAF) capability provides defense of websites and web applications from hackers and malware by filtering and monitoring HTTP traffic between a web app and the Internet. The WAF protects against a variety of application layer attacks including credential theft, code injection, cross-site scripting (XSS), cookie poisoning, CSRF, SQL injection, DoS, ransomware, and more. ModSecurity, sometimes referred to as ModSec, is an open-source web security framework that when combined with rules allows users to build WAFs for free.

Atomicorp offers four solutions for your ModSecurity and WAF needs ranging from open source ModSecurity Free ModSecurity Rules, our robust commercial version of rules and our commercial turnkey WAF virtual appliance.

Trustwave Discontinues ModSecurity Support

Trustwave announced in August 2021 that it would no longer be supporting ModSecurity. Trustwave also set a date for end-of-support for its ModSecurity rule set. The move leaves Atomicorp as the primary commercial ModSecurity rules provider in the industry. Atomicorp will continue its 20-year commitment to the still quite active ModSec user community.

“We’ve been with ModSecurity the longest – since the very beginning – and we are committed to continue to enthusiastically support it for the foreseeable future. We are more than happy to support Trustwave ModSecurity users, whether they wish to keep the Trustwave rules or upgrade to an Atomicorp commercial rules feed.” — Michael Shinn, the founder and CEO of Atomicorp.

Read the press release.

Angled border

Atomic ModSecurity Rules


Also for technical security engineers, who want use of thousands of web application security rules, virtual patching, and get expert support for effective deployment of the rules, particularly in conjunction with cPanel and Plesk web hosting panel environments. We also offer Remote ModSecurity Rules which are preconfigured and hosted on our hubs.

Available for only $225 per server per year. Bulk pricing is available for larger installations. Need it for proxy servers? Contact sales about our proxy version


Atomic WAF


For enterprise users who want to use ModSecurity Rules with a graphical user interface (GUI) and management console to protect and govern their web entities, with support for content management systems such as Drupal and WordPress.

Atomic WAF is ready at only $330 per server per year (minumum of 5 licenses). Bulk pricing is available for larger installations. Ask for a bulk pricing quote.


ModSecurity Download


Need to download ModSecurity for free and you want to create your own rules. You can download ModSecurity foundation for free with no registration required. Need some free rules to kickstart your ModSecurity? Just register for our Free ModSecurity Rules (see next column). All that is required is to register it.


Free ModSecurity Rules


For technical security engineers who have zero or limited budget and want to dabble in harnessing the power of the ModSec WAF rule set.


ModSecurity Comparison

Feature Free ModSecurity Rules Remote ModSecurity Rules Atomic ModSecurity Rules (Local) Atomic WAF
Cost Free $22.50 per server per month. $225 per server per year. Bulk discounts avail. $300 per IP/Server. Bulk discounts avail.
Enterprise-level Support        
Number of Rules Hundreds Thousands Thousands Thousands
Supports Unlimited Custom Rules        
Update Frequency Periodically Daily Daily Daily
Response Time for False Positives Community support Within the hour Within the hour Within the hour
Support Model Community 24/7/365 24/7/365 24/7/365
Basic Attack Blocking        
Scanner Blocker        
Proxy Abuse        
Custom White/Blacklists        
Supports Third Party RBLs        
Easy Geoblocking        
Virtual Patches        
PageRank Protection        
Brute Force Attacks        
Advanced Attacks Blocked (SSRF, XXE)        
Data Loss Prevention        
Realtime Malware Protection        
Content Scraping Protection        
Layer 7 DOS Protection        
Realtime Malware Removal System        
Automatic Whitelisting        
Machine Learning        
AntiSpam Protection        
Real Time Threat Intelligence        
Management Console        
Rules Editing Command Line   Command Line GUI
Management Reports        
Compliance Reports        
Role based access control GUI        
MFA SSO integration in GUI        
Cloudflare Integration        
Included Software Rules only   Modsecurity, Rule Updater, Rules, Libraries Modsecurity, Rule Updater, Rules, Libraries, Full management GUI and CWPP for appliance
Setup Process Manual Simple One Step Automated One Step Automated
Update Process Manual Automated Automated Automated

Agented ModSecurity Rules vs. Remote ModSecurity Rules

Download our solution overview on the difference between monthly remote rules and traditional on-premise ModSecurity

Read Our Solution Brief for WAF and Web Application Security

Attacks come virtually, across the cloud and internet, putting your communicative web entities at risk. Secure your web servers, websites, endpoints, and data, with Atomicorp zero trust cloud workload protection and ModSecurity WAF.

Read the Atomicorp ModSecurity Rules and WAF solution brief.

Angled border

Request a Demo