To establish a secure username and password for accessing your web server, utilize the following code snippet. Additionally, for enhanced security, you can implement geo-authentication to whitelist specific IP addresses, ensuring that only authorized users gain access while keeping unwanted visitors and bots at bay.

sudo sh -c "echo -n 'username:' >> /etc/nginx/.htpasswd"
sudo sh -c "openssl passwd -apr1 >> /etc/nginx/.htpasswd"
cat /etc/nginx/.htpasswd

Edit the nginx config
Here's how you can integrate geo-authentication into your nginx configuration file:

sudo vi /etc/nginx/conf.d/default.conf

# Configure no login for specified IP addresses
geo $authentication {
    default "Authentication required";
    <IP to whitelist> "off";
}

# Location block for authentication
location / {
    try_files $uri $uri/ /index.php?$args;
    auth_basic $authentication;
    auth_basic_user_file /etc/nginx/.htpasswd;
}

# Verify nginx configuration and restart service if test passes
sudo nginx -t
sudo service nginx restart