I've setup a new ISPConfig3 3.0.5 SP5 server with Apache mod_security as well. mod_security has been setup according this howto: After a succesful installation of mod_security, all websites are still up and running, which is nice. But...i am unable to access the ISPConfig webpage. Instead of the ISPConfig3 logon screen i see an error message with a warning that i am not allowed to enter the index.php page. What could be the reason and how can i solve this?
do you see in apache error.log, which mod_security rule triggered this? If yes, then you can whitelist the rule for the ispconfig vhost or install directory.
Hi Till, In the mean time i found the rule which was causing this. I created the file /etc/modsecurity/modsecurity_crs_99_whitelist.conf and added: SecRuleRemoveById <RuleID> Now i can enter ISPConfig3 again.
