Adding geoip module and instituting a deny variable for vhosts to consume

2025-12-02 14:43:49 -06:00
parent 31992aa487
commit ad6e48d7e0
5 changed files with 59 additions and 2 deletions
--- a/roles/WebServer/files/nginx.conf
+++ b/roles/WebServer/files/nginx.conf
@@ -7,6 +7,7 @@ error_log              logs/error.log notice;
 error_log              logs/error.log info;

 load_module /usr/lib/nginx/modules/ngx_http_modsecurity_module.so;
+load_module /usr/lib/nginx/modules/ngx_http_geoip2_module.so;

 events {
    worker_connections 1024;
@@ -24,6 +25,8 @@ http {
    keepalive_timeout  65;
    gzip               on;

+    include conf/geoip.conf;
+
    # Redirect all HTTP to HTTPS
    server {