About the vulnerabiliy "Log4j"

Hi there,

Maybe a super silly question, but this morning got an email from CloudFlare telling me about the vulnerability “Log4j” and how important it is.

I am using HestiaCP in all my prod. servers so I would like to know if there is something I would need to do or update, as far as I think, HestiaCP doesn’t use it, but just asking in case.

I am using Apache+Nginx in all servers.

Thanks !


Hestia doesn’t use Log4j

It is mainly used in java based projects …


Thanks for the clarification! :hearts:

still the apps you install could potentially use it. for instance if you install a recent shop or forum software it might require apache elasticsearch which itself brings log4j to your computer.

so yes, Hestia itself not vulnerable to this.

but no, don’t rely on just that. be aware what actual sites/apps you are running and which components those might bring with… :wink:


thanks for the awesome information.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.