Folder Protection feature may destroy existing .htaccess file
It seems that when a directory is protected using the "Folder protection" feature in the ISPConfig interface, any existing .htaccess file is overwritten, thereby destroying its contents.
A better implementation would be to add only the required directives to any existing .htaccess file. When protection is removed from the directory, only the previously-added directives should be removed (and not the entire .htaccess file, which seems to be the current behavior).
Webmin has a directory protection feature that behaves in the manner described above; existing .htaccess contents are left intact and only the directives handled by Webmin are added/removed. This is the ideal behavior.