Webmail not working: ModSecurity: Access denied with code 403

Refers to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux
  • Plesk 11.0 for Linux
  • Plesk 11.5 for Linux
  • Plesk 12.0 for Linux

Created:

2016-11-16 13:15:00 UTC

Modified:

2017-02-16 07:51:17 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Webmail not working: ModSecurity: Access denied with code 403

Symptoms

When trying to send e-mail following error appears like:

Forbidden
You don't have permission to access /imp/compose.php on this server

or

Error when communicating with the server

There can be also similar error in apache error log file:

[error] [client 82.200.65.190] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "70"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "HOSTNAME"] [uri "/horde/imp/compose.php"] [unique_id "8m0u-n8AAAEAAD7blhoAAAAO"]

Cause

ModSecurity rules prevent Horde/Roundcube webmail work.

Resolution

  • Configure mod_security in a way that will allow incoming and outgoing connections to utilise ports that are used by Webmail software. Plesk for Linux Webmail is available for access through port 80 via webmail.domain.com.

  • Alternatively, you could disable mod_security in Plesk GUI or its separate rules:

    Plesk > Tools & Settings > Web Application Firewall (ModSecurity) .

Have more questions? Submit a request
Please sign in to leave a comment.