Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 05-17-2024, 04:10 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Contributions Area / Enhancements v / Captcha bruteforce protection for ispCP CP login

Post Reply 
Captcha bruteforce protection for ispCP CP login
Author Message
fulltilt Offline
Member
***

Posts: 1,225
Joined: Apr 2007
Reputation: 5
Post: #1
Captcha bruteforce protection for ispCP CP login
Captcha bruteforce (login bot) protection
it is not enough just to block the IP of the attacker if he has a large IP pool and they are constantly changing
this modification displays the login form only if a valid captcha has been sent

- captcha w/ md5 & secret
- set own captcha cookie
- cookie valid for 1 minute
- coookie will be deleted if passed the check
- no reloads possible on login form

you should change the secret in index.php & captcha.php (use same secret in both files)
$secret = '123456789';

1. copy captcha.tpl & captcha_message.tpl to:
/var/www/ispcp/gui/themes/

2. copy captcha.php, index.php & tahoma.ttf to:
/var/www/ispcp/gui/

3. set permissions
/var/www/ispcp/engine/setup/set-gui-permissions.sh


Attached File(s)
.zip  ispcp-captcha.zip.zip (Size: 210.72 KB / Downloads: 5)
(This post was last modified: 10-19-2012 08:56 PM by fulltilt.)
10-17-2012 06:00 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
Captcha bruteforce protection for ispCP CP login - fulltilt - 10-17-2012 06:00 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication