# Put server.pm in /usr/share/nginx/perl/lib

perl_modules perl/lib;
perl_require server.pm;
perl_set $ddos protection::protect;
perl_set $token protection::token;

server {
    server_name hello.index.hm;
    root /var/www/html;

    error_page 401 @challenge;
    location @challenge {
       sub_filter_once off;
       sub_filter "%TOKEN%" $token;

       try_files /challenge.html =401;
    }

    # Protects all static and dynamic files. Bad idea if you have resources (e.g. css, images)

    #location / {
    #   if ( $ddos = 0 ) {
    #      return 401;
    #   }
    #}

    # Protects just PHP files

    location ~ \.php$ {
        if ( $ddos = 0 ) {
           return 401;
        }
        # You should probably edit this to match your fastcgi config.
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php.fpm;
        fastcgi_index index.php;
        include /etc/nginx/fastcgi_params;
        fastcgi_param SCRIPT_FILENAME /html$fastcgi_script_name;
    }
}