ISPConfig3 (if configured) comes installed with AWStats and Webalizer for server-side statistics which are made available to the client via /stats/ on their website. It also has a location available for default error pages which are located under the /error/ directory path of the website.

Inside /error/ it allows you to define your own custom 401,404..etc pages.

The Problem:

Joomla 2.5^ (SEF=on, rewrite=on) appears to intercept the call to the stats directory, disallowing access to the server-side stats. Thus generating a "404 article not found" error.

The Debugging:

To track down what was occurring and why it appeared that Joomla's htaccess and SEF+rewrite were to blame, we needed to enable "RewriteLog" and "RewriteLogLevel 3" for the site's virtualhost entry.
Tracking through this log can be a little tricky if you don't know what you're looking for.
We look through the rewrite log file for calls to "stats":

[rid#7fafdde14768/initial] (2) init rewrite engine with requested uri /stats/
[rid#7fafdde14768/initial] (3) applying pattern '^stats($|/)' to uri '/stats/'
[rid#7fafdde14768/initial] (3) applying pattern '^(.*)$' to uri '/stats/'
[rid#7fafdde14768/initial] (3) applying pattern '^(.*)$' to uri '/stats/'
[rid#7fafdde14768/initial] (3) applying pattern '^(.*)$' to uri '/stats/'
[rid#7fafdde14768/initial] (3) applying pattern '^(.*)$' to uri '/stats/'
[rid#7fafdde14768/initial] (3) applying pattern '^(.*)$' to uri '/stats/'
[rid#7fafdde14768/initial] (1) pass through /stats/
[rid#7fafdde25310/initial/redir#1] (2) init rewrite engine with requested uri /error/401.html
[rid#7fafdde25310/initial/redir#1] (3) applying pattern '^stats($|/)' to uri '/error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) applying pattern '^(.*)$' to uri '/error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) applying pattern '^(.*)$' to uri '/error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) applying pattern '^(.*)$' to uri '/error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) applying pattern '^(.*)$' to uri '/error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) applying pattern '^(.*)$' to uri '/error/401.html'
[rid#7fafdde25310/initial/redir#1] (1) pass through /error/401.html
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] strip per-dir prefix: /var/www/website.com/web/error/401.html -> error/401.html
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] applying pattern '.*' to uri 'error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] strip per-dir prefix: /var/www/website.com/web/error/401.html -> error/401.html
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] applying pattern '.*' to uri 'error/401.html'
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] strip per-dir prefix: /var/www/website.com/web/error/401.html -> error/401.html
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] applying pattern '.*' to uri 'error/401.html'
[rid#7fafdde25310/initial/redir#1] (2) [perdir /var/www/website.com/web/] rewrite 'error/401.html' -> 'index.php'
[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] add per-dir prefix: index.php -> /var/www/website.com/web/index.php
[rid#7fafdde25310/initial/redir#1] (2) [perdir /var/www/website.com/web/] trying to replace prefix /var/www/website.com/web/ with /
[rid#7fafdde25310/initial/redir#1] (1) [perdir /var/www/website.com/web/] internal redirect with /index.php [INTERNAL REDIRECT]
[rid#7fafdde17018/initial/redir#2] (2) init rewrite engine with requested uri /index.php
[rid#7fafdde17018/initial/redir#2] (3) applying pattern '^stats($|/)' to uri '/index.php'
[rid#7fafdde17018/initial/redir#2] (3) applying pattern '^(.*)$' to uri '/index.php'
[rid#7fafdde17018/initial/redir#2] (3) applying pattern '^(.*)$' to uri '/index.php'
[rid#7fafdde17018/initial/redir#2] (3) applying pattern '^(.*)$' to uri '/index.php'
[rid#7fafdde17018/initial/redir#2] (3) applying pattern '^(.*)$' to uri '/index.php'
[rid#7fafdde17018/initial/redir#2] (3) applying pattern '^(.*)$' to uri '/index.php'
[rid#7fafdde17018/initial/redir#2] (1) pass through /index.php

So we can see that 'stats' is actually being caught by mod_rewrite which is good and even passes through /stats/ to the browser after the inital rules.
However the next part is where it gets interesting:

[rid#7fafdde14768/initial] (1) pass through /stats/
[rid#7fafdde25310/initial/redir#1] (2) init rewrite engine with requested uri /error/401.html

We can clearly see that after the call to 'stats' was made, there was another call behind the scenes to 'error/401.html' which was never part of the original request. My guess here is that its looking for the default page for a 401 should the http authentication fail.
Following on down we see Joomla's htaccess rules kicking in:

[rid#7fafdde25310/initial/redir#1] (3) [perdir /var/www/website.com/web/] applying pattern '.*' to uri 'error/401.html'
[rid#7fafdde25310/initial/redir#1] (2) [perdir /var/www/website.com/web/] rewrite 'error/401.html' -> 'index.php'

Here we can see that because this part does not match Joomla's SEF rules, it rewrites the file to index.php
This happens because of the following lines in Joomla's htaccess file:

RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]

Because the file being called here 'error/401.html' doesn't exist as a file, it rewrites in index.php to prevent exploits.

So what Joomla sees, is a request for 'error/401.html' which it tries to interperate as an article link rather than a directory and file.

The Solution:

To fix this problem, we realised that there was no problem in Joomla, nor was there a problem in the ISPConfig3 stats area. The problem lay in the server looking for the 401.html file which didn't exist (which was only found due to the debugging of mod_rewrite).
So we simply create a 401.html page with the line:

<h1>401 Not Authorised</h1>

Hope this helps someone else if they ever come across the problem!