Sorry for my late reaction, but i just came back from holiday.
I do understand that big log files could be a reason, but when i click on the "Statistics" tab, i can see that amount of data within the /log directory is mentioned separately.
I deleted old logfiles for the website and the content of the /web directory is still much bigger then the set quota, which is 400 MB for the directory /web.
(actually nothing changed)
So, i can see that users can upload more data within the directory /web as 400 MB. I also had a further look to other websites and i found out that for some websites (a few) the directory /web contains also more then the quota defined within ISPConfig by me.
After executing the command: du -h web, i found a directory with backup data (1.1 GB) of my client, which means that he could upload more data then defined within ISPConfig.
*** Update: ***
In the mean time i've contacted my client.
He was using a backupscript.
This script made backups within a subdirectory within the /web folder, So the data was not uploaded to the server.
Now the huge amount of data has been deleted.
I really ask myself how the over quota was possible and why the defined quota of 400 MB was not the limit???