Toggle mobile navigation

Twitter Facebook LinkedIn GooglePlus

Atomicorp’s Realtime Gotroot Modsecurity Rules

By Ava Mutchler

Atomicorp’s Realtime Gotroot ModSecurity Rules

The Internet’s Oldest, Most Trusted, and Most Comprehensive Source of WAF Rules


ModSecurity is an apache web server module that allows you to build a web application firewall (WAF) and to protect your web applications. You can use ModSecurity in either an integrated manner, to protect the web server and its applications, or as a proxy for other web servers allowing you to build your own WAF at a fraction of the cost of traditional solutions. This module is extremely powerful, but like a word processor its useless without content. You need good rules – rules that stop bad things and allow good things.

                    Web Server         
modsecurity 2

The Atomicorp team has been writing ModSecurity rules longer than anyone else and even long before OWASP existed. Our rules are used by more people than all other rule sets combined! And for good reason, our rules are written so that you don’t have to be a security expert, unlike other ModSecurity products. Atomicorp ModSecurity rules work right out of the box without any tuning and without interference to your applications and users!

 Trusted by more users than all other commercial ModSecurity rule sets combined
 Developed and maintained by the industries most experienced ModSecurity experts
 Optimized for speed, memory usage, high detection rate, and low false positives
 Updated on a immediate and continuous basis
 Proprietary technology minimizes false positives/negatives and update time
 Thoroughly tested with thousands of the most popular web applications
 Over 25,000 rules and counting!


Order Now! Atomicorp Real Time Rules – $199.99 per Year


The Atomicorp/Gotroot Realtime WAF Rules Provide an Immediate Solution for the Following Challenges:

  Site Defacement and Comment Spam XML Attacks Advanced Persistent Threats
  Web Application Vulnerabilities SQL Injection, Cross Site Scripting Recursion Attacks
  PCI-DSS and other Regulatory Compliance Advanced CSRF Attacks Data Theft and Information Leakage
  Rootkits and Malware File and Code Injection And More!


Built in Performance Enhancements

The Atomicorp/Gotroot Reatime WAF rules incorporate a number of unique and effective performance enhancements. Among these, the rules detect static content and will bypass the appropriate rules automatically for the static content, without sacrificing security. Our rules also perform parallel searches to speed up analysis and to bypass entire classes of rules when its clear the content does not contain that payload. We also build in numerous exceptions based on known trusted behavior of thousands of applications and libraries to ensure that the rules work right out of the box with no tuning, modification, or disabling of rules required.

The Atomicorp Realtime Gotroot ModSecuirty rules provide a number of proprietary features. For a feature comparison vs other rule sets, please see the Atomicorp Realtime GotRoot ModSecurity Rules vs the Competition chart.

Zero Day Attack Protection

Unlike other security products, the Atomicorp WAF rules do not depend on signatures that require constant updating as they include technology to detect and stop entire classes of attacks such as code injection, protocol violations, SQL injection, cross site scripting and more!

No Limit on Domains!

Unlike other companies that charge large fees by the domain for their ModSecurity rules, you can use our rules on your server with as many domains as you want! That’s right, no limit, unlimited domains, no extra fees.

Our company was founded by veterans of the Hosting, Security and Control Panel industries, so we understand how your business works. Domain based licensing just doesn’t work. It leaves your systems wide open to attack and it prevents you from selling new domains until you secure yet another expensive license! With Atomicorp, a single license protects your entire server and lets you use the rules with as many domains as you like.

Supported by the Following Platforms among Others:

    linux-logo small      beastie dock icons 11771037 thumb images windows-icon 120px-Icon-sun-solaris os.svg
  Linux BSD MacOS Windows Solaris

Tested and Supports Thousands of Web Applications Including:

   Drupal Plesk osCommerce OpenCart MediaWiki
  WordPress CPanel Horde OpenWebMail PhpBB
  Joomla OpenCMS OWA Alfresco and More!
  Sharepoint Moodle ModX VBulletin  

Included with Rules Subscription

 Real-time rule updates

 Absolutely No Limit on Domains! A single server license can be used with as many domains as you like.

 Unlimited Web-Based and Email Rule Support for False Postive/False Negative detections

 Both real-time ModSecurity and Clamav rules

 Development of new rules based on request

 Real-time rule updates*

Note: Priority/Premium support options including phone support and professional services are also available.

It is the obligation of the customer to provide support of the installation, implementation, and maintainance of modsecurity and related modules. If modsecurity module support is desired, it is recommended that Atomic Secured Linux (ASL) is chosen, as this includes modsecurity and modsecurity support.

* Free False Positive and False Negative updates are available for most popular publicly available web applications. For other applications fees apply. Determination of what applications meet this criteria is at the sole discretion of Atomicorp.

Ordering Instructions 

The Atomicorp ModSecurity rule set is offered direct from Atomicorp for just $14.95 a month or $99.99 a year. To purchase, please see the Atomicorp Store.

Although the Atomicorp ModSecurity rule set enables the highest level of protection possible from a web application firewall, we do highly recommend that you consider our Atomic Secured Linux product. Atomic Secured Linux provides protection for your entire server by including a web application firewall which utilizes the Atomicorp rules along with a hardened kernel and other security functions. Please see our Atomic Secured Linux (ASL) page for additional information. ASL is offered for $29.95 a month, or $199.95 a year. A 10 day free trial is also available for ASL.

For a listing and comparison of Atomicorp product features, please see the Atomicorp Product Comparison page.

Terms and Conditions

Purchase of a Atomicorp ModSecurity rule license entitles the purchaser to access and download from the Atomicorp Repository to a single IP address within the time period of the license. A separate license is required for each dedicated server/host or VPS that the rule set is installed upon. 

Installation of the Atomicorp ModSecurity rules on a Reverse Proxy WAF appliance/server requires a separate license. Please contact Atomicorp support for details. 

The rule set cannot be copied, mirrored, or reproduced under protection of US and International copyright laws.

Use of the rule set is limited to the time period of the license. If the license period of a rule set expires, it must must removed from its installed server and no longer used. Atomicorp reserves the right to track and enforce license compliance of the Atomicorp Modsecurity rule sets.

Agreement to these terms and conditions and the Atomciorp End User License Agreement is required to download and use the Atomicorp ModSecurity rules. Please see Atomicorps End User License Agreement  for further details.


Atomicorp/ Rules Protection Summary

tick  Protocol Violations – Prevents common attacks by detecting protocol manipulation methods used to launch advanced attacks. Prevents resource abuse used to launch Denial of Service attacks.

tick  Credential Theft – Prevents cookie and other credential theft.

tick  Spam – The most robust content spam protection system available for web sites, forums, blogs, guestbooks and more. Our rules detect spam, spamming techniques and other methods used by web spammers and prevents them from working, allowing you to run your website worry free from spam.

tick  Code Injection, including PHP, PERL, ASP, Coldfusion and other technologies – The most complete malicious code detection and prevention methods and especially tuned to prevent false positives will thousands of web applications. Prevents RFI attacks, obfuscated and cloaked code uploading methods and still allows known trusted applications to work. No tuning required!

tick  SQL Injection Attacks

tick  HTTP Response Splitting

tick  Cross Site Scripting, including Universal PDF Cross Site Scripting

tick  Malicious Client Detection and Blocking

tick  Google Hacks

tick  Just In Time Patching – Our unique JITP system addresses vulnerabilities in applications that can not be patched by patching it for you! Our JITP system will plug the holes in your applications so you can take the time needed to test updates, and yet still operate your system in a secure and safe manner. JITPs are released daily when new vulnerabilities are discovered so you don’t have to worry.

tick  Data Leakage – Detects unauthorized attempts to access protected files, sensitive information, backup files and other data to prevent it from being accessed by malicious parties. Advanced Data Leakage protection is provided in Atomic Secured Linux.

tick  Recursion Attacks – Prevents attacks from abusing file system bugs to access protected files, or areas of the system.

tick  Command Injection

tick  Trojan, Backdoor, Spam Tool, Shell and Rootkit Blocking – Detects thousands of different kinds of trojans to prevent already installed trojans, shells and other malicious applications from even running.

tick  E-mail Injection

tick  XML Protection

tick  Web RPC Protection – Automatic Detection of Real and Fake Search Engines to block attacks, and to auto-whitelist search engines

tick  And more!

Additonal Information

Please see the Atomicorp Documentation Wiki for FAQs, installation instructions, compatability information, and other detailed technical information.

 Cloudflare Rules

Latest Tweets