
blog: making pure-Rust ModSecurity pass stock OWASP CRS v4 #7

Open
raffaelschneider wants to merge 1 commit into main from blog/pure-rust-modsec-crs-v4


Conversation

@raffaelschneider

Contributor

Summary

New engineering deep-dive post (content/blog/pure-rust-modsecurity-crs-v4.md, dated 2026-06-16) on the zentinel-modsec 0.1.3 work:

  • The core theme — "parsing isn't running": stock CRS v4 loaded 666 rules but blocked every request and never accumulated an anomaly score.
  • The six SecLang semantics that parsed but executed wrong (operator-arg macros, quoted setvar, setvar-value macros, header selector case, @ipMatch/multipart, variable-less SecAction) plus the loader fixes.
  • Real before/after CLI output and an honest "666 of ~688 rules" caveat. No invented benchmark numbers — frames a full-CRS wafworth run as the explicit next post.

Decision needed

  • The post currently credits "a community bug report" with a link to the issue (which surfaces the reporter's handle) rather than naming them directly. Change to a direct credit if preferred.

Engineering deep-dive on the six SecLang semantics that parsed but
executed incorrectly (every request blocked, scores never accumulated),
the macro-resolution fix, and validation against stock CRS v4.7 —
shipped in zentinel-modsec 0.1.3.
@cloudflare-workers-and-pages


Deploying zentinelproxy-io with Cloudflare Pages

Latest commit: b778a8d
Status: ✅  Deploy successful!
Preview URL: https://ea62a5b4.zentinelproxy-io.pages.dev
Branch Preview URL: https://blog-pure-rust-modsec-crs-v4.zentinelproxy-io.pages.dev

