Hello. I've configured 2 servers following this guide: http://www.howtoforge.com/perfect-server-ubuntu-12.04-lts-apache2-bind-dovecot-ispconfig-3 And on both servers I have the same issue: I cannot use the ISPConfig API. I get the same error: "Soap Error: Forbidden". It is not a privileges issue with the remote user, but it seems to be an HTTP error (probably a 403). The weird thing is that some functions work, like 'mail_user_get', but some others do not, like 'client_get_id' (even with a remote user with ALL privileges). The "Forbidden" error is a real PHP Exception; it doesn't come from any functions in 'remoting.inc.php' or 'remoting_lib.inc.php'. So my guess is that it is a permissions issue on a file or URL, but I cannot find where ... How can I figure out which file or URL is "forbidden"? Thanks.
None. Only a code '200' in the access.log. As the page is well served by Apache, it is normal. The exception is raised by PHP but I have nothing in the logs. I think I will debug it using xdebug, it's my last call.
After hours of searching, I've found that it was an Apache mod causing this issue. I've written a small PHP script to test the API. When I call login and next a function, it works. BUT, when the function is included in a loop, it crashes after one or 2 occurrences. For a while, I suspected suhosin, but I have nothing in the logs about a suhosin alert. So I looked into the Apache mods, and the winner was: mod_evasive! It detects the loop as a DoS attack ... In conclusion: never enable mod_evasive if your API needs to be called in a loop. PS: I can't add a RESOLVED to my title, too bad.
Another option is to keep mod_evasive enabled and add the requesting/remote user's IP address to the evasive.conf file - DOSWhitelist 123.123.123.123
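Added example, not part of the thread and not mod_evasive's own code: a simplified Python model of a per-IP, per-URI request counter of the kind described above, showing why a login plus one call succeeds, a tight loop gets 403, and a whitelisted client does not. The thresholds, the endpoint path `/remote/index.php` and the client address are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

API_URI = "/remote/index.php"   # assumed path of the SOAP endpoint
CLIENT_IP = "203.0.113.10"      # constructed address (documentation range)

@dataclass
class EvasiveModel:
    """Simplified model of a mod_evasive-style page counter (illustrative values)."""
    page_count: int = 2             # role of DOSPageCount
    page_interval: float = 1.0      # role of DOSPageInterval, in seconds
    blocking_period: float = 10.0   # role of DOSBlockingPeriod, in seconds
    whitelist: set = field(default_factory=set)   # role of DOSWhitelist
    _hits: dict = field(default_factory=dict)     # (ip, uri) -> (window_start, count)
    _blocked: dict = field(default_factory=dict)  # ip -> blocked_until

    def request(self, ip, uri, now):
        """Return the HTTP status this model gives a request arriving at time `now`."""
        if ip in self.whitelist:
            return 200                      # whitelisted clients are never counted
        if self._blocked.get(ip, 0.0) > now:
            # Requests made while blocked push the end of the block further out.
            self._blocked[ip] = now + self.blocking_period
            return 403
        start, count = self._hits.get((ip, uri), (now, 0))
        if now - start >= self.page_interval:
            start, count = now, 0           # counting window expired, start over
        count += 1
        self._hits[(ip, uri)] = (start, count)
        if count > self.page_count:
            self._blocked[ip] = now + self.blocking_period
            return 403                      # the SOAP client surfaces this as "Forbidden"
        return 200

def run_calls(model, ip, n_calls, spacing):
    """Send n_calls to API_URI, `spacing` seconds apart, and return the statuses."""
    return [model.request(ip, API_URI, i * spacing) for i in range(n_calls)]

if __name__ == "__main__":
    print("login + 1 call :", run_calls(EvasiveModel(), CLIENT_IP, 2, 0.05))
    print("tight loop     :", run_calls(EvasiveModel(), CLIENT_IP, 5, 0.05))
    print("paced loop     :", run_calls(EvasiveModel(), CLIENT_IP, 5, 1.0))
    print("whitelisted    :", run_calls(EvasiveModel(whitelist={CLIENT_IP}), CLIENT_IP, 5, 0.05))
```

Because every SOAP call goes to the same URL, the per-page counter is the one that trips; pacing the client or whitelisting its address both keep the loop under the threshold in this model.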