log4j vulnerability

Overview

The log4j vulnerability does not affect DreamHost's managed servers. This includes the following hosting plans:

  • Shared hosting
  • DreamPress
  • VPS
  • Dedicated servers (without an admin user)

This is because  DreamHost's managed servers do not provide or offer any Java tools or services that include the log4j vulnerability.

Un-managed servers

There are two types of DreamHost hosting plans which are UN-managed. These include:

These types of servers allow root/sudo access which allows the admin user to manually install Java software which could potentially include calls to the vulnerable class.

DreamHost recommends that customers who have installed Java-based software immediately update it as soon as possible. Please submit a ticket to DreamHost support for further questions.

See also

Did this article answer your questions?

Article last updated PST.

Still not finding what you're looking for?