Skip to content
Graphic showing white sans-serif type and MojoHost logo over photo of a data center

Log4J Vulnerability and MojoHost

The recently discovered vulnerabilities in the widely used log4j library have caused a massive effort to upgrade affected software across the web. At MojoHost, we have already taken stock of how this affects our services and our customers. Thankfully, the vast majority of MojoHost customers were never affected by this vulnerability. A small number of MojoHost customers were using software affected by this vulnerability, which we have already proceeded to patch.

Many news sources have falsely indicated that this is a vulnerability with “Apache”. This is incorrect. Log4j is a small logging library. Although it was released by the Apache Foundation, the flagship “Apache” web server, used on many MojoHost servers, was never affected by this vulnerability.

For our fully self-managed customers, we encourage you to check and see if any susceptible software is in use. The most common software we see among our users that may require patching is Wowza, ElasticSearch, and Tomcat. If your application makes use of the Java programming language, it might be susceptible to this vulnerability. If it uses other languages it is not susceptible.

We take security very seriously at MojoHost. We regularly assess emerging security threats and proactively apply fixes to severe vulnerabilities. Our job as a managed hosting provider is to ensure the safety of our customers and their data. If you have any questions about the security of your systems, don’t hesitate to reach out to us, we’re always here to help and answer questions.

Additional Resources

United States Cybersecurity & Infrastructure Security Agency

Apache Foundation List of Affected Products

Original Discover from LunaSec

Back To Top