What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12.0.17
How are you able to access your server: The webadmin
SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: I used an automatic migration tool from my hoster to move my VPS from Virtuozzo to KVM
Describe your issue
Forum newbie here but have been using Yunohost for a while. Know basic command line and Linux stuff. I’m posting with a somewhat unusual “nginx 403 forbidden” problem:
My hosting provider Strato has pushed me to migrate my VPS from an old Virtuozzo-based machine to a newer KVM-based one. Their web-based migration process promised that “everything will be as before” after migration, all files will be copied over. The migration threw no error.
There were couple smaller issues I was able to fix myself (like my Yunohost admin user was gone on the new machine), but I struggle with one last weird thing:
Half my apps stopped working, throwing me a 403 permissions error:
Works: Yunohost admin interface, Synapse, Vaultwarden, LSTU link shortener, Wikijs, Readeck
Does not work:
- Pixelfed just loads an empty page in the browser
- 2x Wordpress throw an nginx 403
- Automad throws an nginx 403
- Nextcloud throws an nginx 403
- Dovecot fails to load with a TLS handshaking: SSL_accept() failed: error:0A00006C:SSL routines::bad key share in the logs Dovecot logs
With regard to 403 I checked the folder permissions and ownership in /var/www
which I assume each should have their own name as user and group. Except Synapse, all those that did not work had a group ownership called tape
. I changed it back to their respective name, with e.g. chown -R nextcloud:nextcloud /var/www/nextcloud
and reloaded nginx but the permissions error persists.
With regard to Dovecot I noticed Yunohost diagnosis says port 993 was closed but when I do:
$ sudo nmap -sU -p 993 xx.xx.xx.xx
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-07-20 17:48 CEST
Nmap scan report for my.domain.net (xx.xx.xx.xx)
Host is up (0.15s latency).
PORT STATE SERVICE
993/udp open|filtered imaps
If anyone has an idea what else I could try to understand what’s wrong with those apps, I’d be incredibly grateful! Please let me know if you need any more data or logs and a big thank you already or reading this!