Captcha bruteforce protection for ispCP CP login

[fulltilt]

Captcha bruteforce (login bot) protection
it is not enough just to block the IP of the attacker if he has a large IP pool and they are constantly changing
this modification displays the login form only if a valid captcha has been sent

- captcha w/ md5 & secret
- set own captcha cookie
- cookie valid for 1 minute
- coookie will be deleted if passed the check
- no reloads possible on login form

you should change the secret in index.php & captcha.php (use same secret in both files)
$secret = '123456789';

1. copy captcha.tpl & captcha_message.tpl to:
/var/www/ispcp/gui/themes/

2. copy captcha.php, index.php & tahoma.ttf to:
/var/www/ispcp/gui/

3. set permissions
/var/www/ispcp/engine/setup/set-gui-permissions.sh

[jakub.artur]

hi
also can modify Captcha to version 1.6.0 ?

I used the Captcha panel that also was active in another function , the link to see their application http://www.panel.redehost.pl/poczta/