Expand country blocking to more high-risk countries

- Add IN, VN, BR, TR, ID, TH, BD, PK, RO to blocked list
- Update alternative IP ranges for new countries in script
- Enhance documentation with rationale, risk assessment, and best practices
- Add test script for verifying country blocking functionality
- Improve Ansible tasks for dependency installation

config/ansible/group_vars/servers.yml

@@ -4,12 +4,25 @@ install_ui_apps: false
 
 # Country blocking configuration for Caddy
 # List of countries to block by ISO 3166-1 alpha-2 country codes
-# Common examples: CN (China), RU (Russia), KP (North Korea), IR (Iran), BY (Belarus)
+# Includes user-specified countries and top sources of malicious IP traffic
 blocked_countries_codes:
+  # User-specified countries
   - CN # China
   - RU # Russia
+  - IN # India
   - KP # North Korea
+
+  # Top countries for malicious IP traffic and abuse
   - IR # Iran
+  - VN # Vietnam
+  - BR # Brazil
+  - TR # Turkey
+  - ID # Indonesia
+  - TH # Thailand
+  - BD # Bangladesh
+  - PK # Pakistan
+  - RO # Romania
+  - BY # Belarus
 
 # IP ranges for blocked countries (generated automatically)
 # This will be populated by the country blocking script