ispconfig3_roundcube & htaccess protection
With the new version there is the possibility to use htaccess protection. Quote from the changelog:
We added a script that makes it easy to protect the ISPConfig Interface with a .htaccess password protection. This script adds a apache password prompt in front of the ispconfig Interface and exports all ispconfig client users into a .htpasswd file, so all client logins will still work.
Run the following command as root user to activate the script:
By using this, it will break the ispconfig_roundcube plugin, which uses the /remote path (via api). This give a soap error: Authorization required. (which i assume is caused by the authentication that is required to get to that page.
You might want to exclude the /remote path for it, so ispconfig_roundcube can still be used, while have some form of extra security. (though, i'd like 2step authentication (google authenticator or duo security).