# ------------------------------------------------------------------
# BotGuard environment configuration
# Copy this file to `.env` and adjust for your server.
# `.env` is never committed and is not web-accessible (lives above public/).
# ------------------------------------------------------------------

APP_NAME="BotGuard"
APP_ENV=local
APP_DEBUG=true
APP_URL=http://localhost:8000
APP_TIMEZONE=UTC

# Generate a random 32+ char key: php -r "echo bin2hex(random_bytes(32));"
APP_KEY=

# --- Database (MySQL 8) ---
DB_DRIVER=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=botguard
DB_USERNAME=root
DB_PASSWORD=

# --- Session / cookies ---
SESSION_NAME=BOTGUARD_SESSID
SESSION_LIFETIME=7200
COOKIE_DOMAIN=

# Comma-separated proxy IPs whose forwarding headers may be trusted (e.g. Cloudflare).
TRUSTED_PROXIES=

# --- Rate limiting ---
RATE_LIMIT_PER_MINUTE=120

# --- Detection thresholds (0-100) ---
THRESHOLD_HUMAN=80
THRESHOLD_SUSPICIOUS=60

# --- Default seeded administrator (change after first login) ---
ADMIN_EMAIL=admin@example.com
ADMIN_PASSWORD=ChangeMe!123
ADMIN_NAME="Site Administrator"

# --- CAPTCHA providers (optional; puzzle is the default and needs no keys) ---
CAPTCHA_PROVIDER=puzzle
RECAPTCHA_SITE_KEY=
RECAPTCHA_SECRET=
HCAPTCHA_SITE_KEY=
HCAPTCHA_SECRET=
TURNSTILE_SITE_KEY=
TURNSTILE_SECRET=
