# production or development
NODE_ENV=production

############################### TOKENS ###############################
# Cloudflare (https://dash.cloudflare.com/profile/api-tokens)
CLOUDFLARE_ZONE_ID=00000000000000000000000000000000
CLOUDFLARE_API_KEY=0000000000000000000000000000000000000000

# AbuseIPDB (https://www.abuseipdb.com/account/api)
ABUSEIPDB_API_KEY=00000000000000000000000000000000000000000000000000000000000000000000000000000000

############################### CYCLES ###############################
# Main interval (in minutes) of each cycle. For production 2h; development 8s.
CYCLE_INTERVAL=120

# The minimum time (in hours) that must pass after reporting an IP address before it can be reported again.
# The required time is >= 15 minutes, according to AbuseIPDB API limits.
REPORTED_IP_COOLDOWN_MS=7

# The maximum URI length that can be reported to AbuseIPDB.
# If Cloudflare returns a longer URI, the API request will fail.
MAX_URL_LENGTH=920

# Additional delay (in miliseconds) after each successful IP report to avoid overloading the AbuseIPDB API.
SUCCESS_COOLDOWN=80

# Interval for refreshing your IP address (in minutes).
# This ensures that WAF violations originating from your IP address are not reported to AbuseIPDB.
IP_REFRESH_INTERVAL=80

############################### SEFINEK API ###############################
# Secret key for api.sefinek.net
SEFINEK_API_SECRET=

# Report IP addresses to api.sefinek.net to support the development of the repository at https://github.com/sefinek/Malicious-IP-Addresses. SEFINEK_API_SECRET is required if true.
REPORT_TO_SEFINEK_API=false

# How often should the log (reported_ips.csv) be analyzed and sent to the Sefinek API? In hours.
SEFINEK_API_INTERVAL=1

# Sefinek API v2 URL
SEFINEK_API_URL=https://api.sefinek.net/api/v2