Feature Request: WAF functionality leveraging OWASP CRS, implemented and enabled by default

[dune73]

Creating this feature request was recommended by @drcaramelsyrup at

https://github.com/cloudflare/pingora/issues/31#issuecomment-2000798482

OWASP CRS currently runs on the following WAF engines:

• OWASP ModSecurity v2
• OWASP ModSecurity v3
• OWASP Coraza

Commercial integrations are done via custom implementations of the rule language. This includes the Cloudflare setup.

If a new open source Reverse Proxy is created, then giving it WAF functionality based on the de facto standard rule set from the beginning would be useful.