# wp-honeypot configuration
# Copy to config.env and edit for your site.
# Used by install.sh and honeypot-intel.sh.

# --- Site identity (shown on fake login page) ---
SITE_NAME="My WordPress Site"
SITE_URL="https://example.com"

# --- Log paths (on the target server) ---
LOG_FILE="/var/log/wp-honeypot.log"
INTEL_FILE="/var/log/wp-honeypot-intel.jsonl"
STATE_DIR="/var/lib/wp-honeypot"

# --- Tarpit behavior ---
MAX_DELAY=30               # Max sleep() seconds per attempt

# --- fail2ban thresholds ---
F2B_MAXRETRY=20            # Attempts before ban
F2B_FINDTIME=86400         # Window in seconds (24h)
F2B_BANTIME=2592000        # Ban duration in seconds (30 days)

# --- Deployment target (for install.sh and honeypot-intel.sh) ---
# Local mode: leave TARGET_HOST empty, set WP_ROOT directly
# Remote SSH mode: set TARGET_HOST (e.g., user@host)
# Proxmox LXC mode: set TARGET_HOST and TARGET_VMID
TARGET_HOST=""             # e.g., "root@100.115.34.54"
TARGET_VMID=""             # e.g., "550" (Proxmox LXC container ID)
WP_ROOT="/var/www/html"    # WordPress document root on target