Webmail not working: ModSecurity: Access denied with code 403

Created:

2016-11-16 13:15:00 UTC

Modified:

2017-04-24 16:56:35 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Webmail not working: ModSecurity: Access denied with code 403

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux
  • Plesk 11.0 for Linux
  • Plesk 11.5 for Linux
  • Plesk 12.0 for Linux

Symptoms

When trying to send e-mail following error appears like:

Forbidden
You don't have permission to access /imp/compose.php on this server

or

Error when communicating with the server

There can be also similar error in apache error log file:

[error] [client 82.200.65.190] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "70"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "HOSTNAME"] [uri "/horde/imp/compose.php"] [unique_id "8m0u-n8AAAEAAD7blhoAAAAO"]

or

There can be also similar error in apache error log file:

[error] [client XXX.XXX.XXX.XXX] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\%((?!$|\\\\W)|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:_pass. [file "/etc/httpd/conf/modsecurity.d/rules/comodo/12_HTTP_Protocol.conf"] [line "122"] [id "217250"] [rev "2"] [msg "COMODO WAF: Multiple URL Encoding Detected||webmail.example.com|F|4"] [data "ARGS:_pass=***********"] [severity "WARNING"] [hostname "webmail.example.com"] [uri "/"] [unique_id "WOeTxlT4952AAFasXzAABBAS"]

Cause

ModSecurity rules prevent Horde/Roundcube/atmail webmail work propertly.

Resolution

  • Configure mod_security in a way that will allow incoming and outgoing connections to utilise ports that are used by Webmail software. Plesk for Linux Webmail is available for access through port 80 via webmail.domain.com.

  • Alternatively, you could disable mod_security in Plesk GUI or its separate rules:

    Plesk > Tools & Settings > Web Application Firewall (ModSecurity) .

  • As a 3rd option, you can disable mod_security only on webmails by editing the next files:

/usr/local/psa/admin/conf/templates/default/horde.php

/usr/local/psa/admin/conf/templates/default/roundcube.php

/usr/local/psa/admin/conf/templates/default/atmail.php

And add the next code block right before the </VirtualHost> (note that there are 2 per file: HTTP and HTTPS):

    <IfModule mod_security2.c>
        SecRuleEngine Off
    </IfModule>

Then reconfigure server httpd config with following command:

[root@120]# /usr/local/psa/admin/sbin/httpdmng --reconfigure-server
[root@120]#
Have more questions? Submit a request
Please sign in to leave a comment.