Copy from the apache2/modsec_audit.log:

--37e37562-H--
Message: Access denied with code 403 (phase 1). Match of "streq %{SESSION.IP_HASH}" against "TX:ip_hash" required. [file "/etc/modsecurity/activated_rules/modsecurity_crs_16_session_hijacking.conf"] [line "35"] [id "981059"] [msg "Warning - Sticky SessionID Data Changed - IP Address Mismatch."]
Action: Intercepted (phase 1)
Stopwatch: 1383499867684968 2258 (- - -)
Stopwatch2: 1383499867684968 2258; combined=634, p1=407, p2=0, p3=0, p4=0, p5=177, sr=109, sw=50, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/); OWASP_CRS/2.2.5; core ruleset/2.2.0.
Server: Apache/2.2.22 (Ubuntu)
WebApp-Info: "default" "ljo70mlrrc3rc9fh8ishmfjhu4" ""

Try clearing your cookies and see if that fixes it.

Thank you Kamal.
Tried, unfortunately it doesn't work:

Forbidden
You don't have permission to access / on this server.

Try disabling the experimental routes.

I don't think I have any experimental routes enabled. I did very few changes in /etc/modsecurity/modsecurity.conf (I.e. SecRuleEngine On; SecResponseBodyAccess Off)

Any other ideas guys?

apache2/error.log is full with this crap:

ModSecurity: Access denied with code 403 (phase 1). Match of "streq %{SESSION.IP_HASH}" against "TX:ip_hash"$

you get? Good .. I had this problem installing zpanel with apache2 .. and I only comment on the .. / etc/apache2/apache2.conf, al the virtual host worked nicely

OS: Ubuntu 12 LTS

check the status of SELinux

# vi /etc/selinux/config
# SELINUX=disabled -> SELINUX=enforcing
save & exit
# setenforce 0

It will be fine!