§sentinel-modsec
Pure Rust implementation of ModSecurity with full OWASP CRS compatibility.
This crate provides a complete ModSecurity rule engine without any C/C++ dependencies, making it easier to deploy, audit, and maintain.
§Features
- Full SecRule language support
- OWASP CRS compatibility (800+ rules)
- Pure Rust libinjection for @detectSQLi/@detectXSS
- Thread-safe, async-ready transaction processing
- Zero external C/C++ dependencies
§Quick Start
```rust
use sentinel_modsec::{ModSecurity, Rules, Transaction};

// Create engine and load rules
let modsec = ModSecurity::new();
let mut rules = Rules::new();
rules.add_plain("SecRuleEngine On")?;
rules.add_file("/etc/modsecurity/crs/rules/*.conf")?;

// Process a request
let mut tx = modsec.transaction(&rules);
tx.process_uri("/api/users?id=1", "GET", "HTTP/1.1")?;
tx.add_request_header("Host", "example.com")?;
tx.process_request_headers()?;

// Check for intervention
if let Some(intervention) = tx.intervention() {
    println!("Blocked: status={}", intervention.status());
}
```
Re-exports§
- pub use engine::ModSecurity;
- pub use engine::Transaction;
- pub use engine::Intervention;
- pub use engine::ruleset::Rules;
- pub use engine::ruleset::CompiledRuleset;
- pub use error::Error;
- pub use error::Result;
Modules§
- actions: Action system for ModSecurity rule execution.
- engine: Transaction engine for ModSecurity rule processing.
- error: Error types for sentinel-modsec.
- libinjection: Pure Rust implementation of libinjection for SQLi and XSS detection.
- operators: Operator implementations for ModSecurity.
- parser: SecRule parser module.
- transformations: Transformation functions for ModSecurity.
- variables: Variable system for ModSecurity.
Constants§
- PROTOCOL_VERSION: Protocol version for compatibility tracking
- VERSION: Crate version