diff --git a/push.php b/push.php
deleted file mode 100644
index 2ae412a..0000000
--- a/push.php
+++ /dev/null
@@ -1,93 +0,0 @@
-<?php
-/**
- * portspoof_concentrator – HTTP push trigger
- *
- * Reads the frequent IPs list and pushes each IP to the external blacklist API.
- * Complements trigger.php (fetch) and purge.php (purge) as the third HTTP action endpoint.
- *
- * Authentication (any one of):
- *   - Active web session (logged-in browser)
- *   - Authorization: Bearer <TRIGGER_TOKEN>
- *   - ?token=<TRIGGER_TOKEN>
- *
- * Usage:
- *   GET/POST  /push.php
- *   GET/POST  /push.php?token=<secret>
- *   GET/POST  /push.php   (with header: Authorization: Bearer <secret>)
- *
- * Always returns JSON.
- */
-
-require_once __DIR__ . '/includes/auth.php';
-require_once __DIR__ . '/includes/functions.php';
-
-header('Content-Type: application/json');
-
-// ── Auth ──────────────────────────────────────────────────────────────────────
-
-$session_ok = false;
-if (auth_enabled()) {
-    if (session_status() === PHP_SESSION_NONE) {
-        session_start();
-    }
-    $session_ok = !empty($_SESSION['authenticated']);
-}
-
-$token_ok = false;
-if (TRIGGER_TOKEN !== '') {
-    $provided = '';
-    $auth_header = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
-    if (str_starts_with($auth_header, 'Bearer ')) {
-        $provided = substr($auth_header, 7);
-    }
-    if ($provided === '' && isset($_REQUEST['token'])) {
-        $provided = $_REQUEST['token'];
-    }
-    $token_ok = $provided !== '' && hash_equals(TRIGGER_TOKEN, $provided);
-}
-
-if (!$session_ok && !$token_ok) {
-    http_response_code(401);
-    echo json_encode(['error' => 'Unauthorized']);
-    exit;
-}
-
-// ── Run push ──────────────────────────────────────────────────────────────────
-
-$started_at = microtime(true);
-$threshold  = (int)get_setting('frequent_ip_threshold', '5');
-$rows       = frequent_ips($threshold);
-$results    = [];
-
-$expire_date = date('ymdHis', strtotime('+6 months'));
-
-foreach ($rows as $row) {
-    $ip  = $row['src_ip'];
-    $url = 'https://www.daprogs.com/api/ipban199/blacklist.php'
-         . '?a=add&type=2&date=' . $expire_date . '&reason=portspoof&ip=' . urlencode($ip);
-
-    $ch = curl_init($url);
-    curl_setopt_array($ch, [
-        CURLOPT_RETURNTRANSFER => true,
-        CURLOPT_TIMEOUT        => 10,
-    ]);
-    curl_exec($ch);
-    $http_code = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
-    curl_close($ch);
-
-    $results[] = [
-        'ip'        => $ip,
-        'http_code' => $http_code,
-        'ok'        => ($http_code >= 200 && $http_code < 300),
-    ];
-}
-
-$elapsed_ms = (int)round((microtime(true) - $started_at) * 1000);
-
-echo json_encode([
-    'ok'         => true,
-    'elapsed_ms' => $elapsed_ms,
-    'threshold'  => $threshold,
-    'pushed'     => count($results),
-    'results'    => $results,
-], JSON_PRETTY_PRINT);