diff --git a/var/www/html/login.php b/var/www/html/login.php
index 7129f93..53d70f3 100644
--- a/var/www/html/login.php
+++ b/var/www/html/login.php
@@ -53,6 +53,7 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
 	}
 	if($ok){
 		$_SESSION['hosting_username']=$username;
+		$_SESSION['csrf_token']=sha1(uniqid());
 		session_write_close();
 		header('Location: home.php');
 		exit;