diff --git a/backend/core/bootstrap.php b/backend/core/bootstrap.php
index 2829246..e9401df 100644
--- a/backend/core/bootstrap.php
+++ b/backend/core/bootstrap.php
@@ -57,9 +57,45 @@ if ($vendorPath) require_once $vendorPath;
 require_once __DIR__ . '/helpers.php';
 
 // تحديد مسار الـ .env بشكل ديناميكي
-$envFile = getenv('ENV_FILE_PATH') ?: (__DIR__ . '/../.env');
+$siteUser = get_current_user();
+$homeDir = "/home/$siteUser";
+if (!is_dir($homeDir)) {
+    $homeDir = realpath(__DIR__ . '/../../../'); // Fallback
+}
+
+$envFile = getenv('ENV_FILE_PATH') ?: ($homeDir . '/.env');
+if (!file_exists($envFile)) {
+    $envFile = __DIR__ . '/../.env';
+}
 loadEnvironment($envFile);
 
+// تعيين مسارات المفاتيح تلقائياً إذا لم تكن معرفة في الـ .env
+if (!getenv('ENCRYPTION_KEY_PATH')) {
+    $encKeyDefault = "$homeDir/.enckey";
+    putenv("ENCRYPTION_KEY_PATH=$encKeyDefault");
+    $_ENV['ENCRYPTION_KEY_PATH'] = $encKeyDefault;
+}
+if (!getenv('SECRET_KEY_PATH')) {
+    $secKeyDefault = "$homeDir/.secret_key";
+    putenv("SECRET_KEY_PATH=$secKeyDefault");
+    $_ENV['SECRET_KEY_PATH'] = $secKeyDefault;
+}
+if (!getenv('SECRET_KEY_PAY_PATH')) {
+    $secPayKeyDefault = "$homeDir/.secret_key_pay";
+    putenv("SECRET_KEY_PAY_PATH=$secPayKeyDefault");
+    $_ENV['SECRET_KEY_PAY_PATH'] = $secPayKeyDefault;
+}
+if (!getenv('INTERNAL_SOCKET_KEY_PATH')) {
+    $sockKeyDefault = "$homeDir/.internal_socket_key";
+    putenv("INTERNAL_SOCKET_KEY_PATH=$sockKeyDefault");
+    $_ENV['INTERNAL_SOCKET_KEY_PATH'] = $sockKeyDefault;
+}
+if (!getenv('SERVICE_ACCOUNT_FILE_PATH')) {
+    $svcAcctDefault = "$homeDir/service-account.json";
+    putenv("SERVICE_ACCOUNT_FILE_PATH=$svcAcctDefault");
+    $_ENV['SERVICE_ACCOUNT_FILE_PATH'] = $svcAcctDefault;
+}
+
 // 4. Redis Connections (Dual Architecture)
 $redis = null;
 $redisLocation = null;
diff --git a/backend/driver_socket.php b/backend/driver_socket.php
index 36547e1..3b8659c 100644
--- a/backend/driver_socket.php
+++ b/backend/driver_socket.php
@@ -53,13 +53,19 @@ function loadEnvironment(string $filePath): void {
     logMsg('✅ Environment loaded.');
 }
 
-loadEnvironment('/home/location/env/.env');
+$siteUser = get_current_user();
+$homeDir = "/home/$siteUser";
+if (!is_dir($homeDir)) {
+    $homeDir = '/home/location'; // Fallback to original location
+}
+
+loadEnvironment(getenv('ENV_FILE_PATH') ?: ($homeDir . '/.env'));
 
 // ============================================================
 // 🔐 مفاتيح الأمان
 // ============================================================
-$INTERNAL_KEY = trim((string) @file_get_contents('/home/location/.internal_socket_key'));
-$redisPass    = trim((string) @file_get_contents('/home/location/.reds_pass_key'));
+$INTERNAL_KEY = trim((string) @file_get_contents(getenv('INTERNAL_SOCKET_KEY_PATH') ?: ($homeDir . '/.internal_socket_key')));
+$redisPass    = trim((string) @file_get_contents(getenv('REDIS_PASS_KEY_PATH') ?: ($homeDir . '/.reds_pass_key')));
 
 if (empty($INTERNAL_KEY)) logMsg('❌ CRITICAL: Internal key missing!');
 if (empty($redisPass))    logMsg('❌ CRITICAL: Redis password missing!');
diff --git a/backend/encrypt_decrypt.php b/backend/encrypt_decrypt.php
index b2c7cbc..6be193a 100644
--- a/backend/encrypt_decrypt.php
+++ b/backend/encrypt_decrypt.php
@@ -4,9 +4,24 @@
 require_once realpath(__DIR__ . '/../vendor/autoload.php');
 
 require_once 'load_env.php';
-$env_file = getenv('ENV_FILE_PATH') ?: (__DIR__ . '/../../../env/.env');
+$siteUser = get_current_user();
+$homeDir = "/home/$siteUser";
+if (!is_dir($homeDir)) {
+    $homeDir = realpath(__DIR__ . '/../../../'); // Fallback
+}
+
+$env_file = getenv('ENV_FILE_PATH') ?: ($homeDir . '/.env');
+if (!file_exists($env_file)) {
+    $env_file = __DIR__ . '/../.env';
+}
 loadEnvironment($env_file);
 
+if (!getenv('ENCRYPTION_KEY_PATH')) {
+    $encKeyDefault = "$homeDir/.enckey";
+    putenv("ENCRYPTION_KEY_PATH=$encKeyDefault");
+    $_ENV['ENCRYPTION_KEY_PATH'] = $encKeyDefault;
+}
+
 // ✅ FIX C-02: استخدام getenv بدلاً من file_get_contents الثابت
 $keyPath = getenv('ENCRYPTION_KEY_PATH');
 $key = '';
diff --git a/backend/passenger_socket.php b/backend/passenger_socket.php
index 8864c4c..6eb2ba8 100644
--- a/backend/passenger_socket.php
+++ b/backend/passenger_socket.php
@@ -33,7 +33,13 @@ function socket_log($message, $data = null) {
 
 socket_log("=== STARTING PASSENGER SOCKET SERVER ===");
 
-$INTERNAL_KEY = trim((string) @file_get_contents('/home/intaleq-rides/.internal_socket_key'));
+$siteUser = get_current_user();
+$homeDir = "/home/$siteUser";
+if (!is_dir($homeDir)) {
+    $homeDir = '/home/intaleq-rides'; // Fallback to original location
+}
+
+$INTERNAL_KEY = trim((string) @file_get_contents(getenv('INTERNAL_SOCKET_KEY_PATH') ?: ($homeDir . '/.internal_socket_key')));
 
 if (empty($INTERNAL_KEY)) {
     socket_log("[CRITICAL_ERROR] Internal key missing! Exiting.");