Overview
The log4j vulnerability does not affect DreamHost's managed servers. This includes the following hosting plans:
- Shared hosting
- DreamPress
- VPS (private servers)
- Dedicated servers (without an admin user)
This is because DreamHost's managed servers do not provide or offer any Java tools or services that include the log4j vulnerability.
Un-managed servers
There are two types of DreamHost hosting plans which are UN-managed. These include:
- Dedicated servers with an admin user
- DreamCompute
These types of servers allow root/sudo access which allows the admin user to manually install Java software which could potentially include calls to the vulnerable class.
DreamHost recommends that customers who have installed Java-based software immediately update it as soon as possible. Please submit a ticket to DreamHost support for further questions.
