What is InMotion Hosting doing re log4j vulnerability?

Avatar
  • updated
  • Answered
The title of this post says it all.

Pinned replies
Avatar
anonymous
  • Answer
  • Answered

Hi there,


Thank you for your question regarding server security. While I am unable to provide specifics as to what steps we are taking to mitigate known security risks such as the log4j vulnerability, I can assure you that our security team works to patch known exploits as they arise.


Best Regards,

Alyssa K.

Avatar
anonymous
  • Answer
  • Answered

Hi there,


Thank you for your question regarding server security. While I am unable to provide specifics as to what steps we are taking to mitigate known security risks such as the log4j vulnerability, I can assure you that our security team works to patch known exploits as they arise.


Best Regards,

Alyssa K.

Avatar
Mario Cano

Hi Anonymous,

I have not heard any news regarding what has been done directly from Inmotion Hosting but I do know that they are constantly working on securing all servers as fast as possible as I am sure many providers are. 

It is also important to note the popular cPanel web hosting server control panel software recently issued a patch to fix a critical flaw in the log4j Java library discovered in part of the software used for email. The vulnerability itself is named, Log4Shell. The vulnerable Log4j Java library was discovered in an essential cPanel plugin called cPanel Dovecot Solr plugin. 

Here is what cPanel had to say:

“We have published an update with the mitigation for CVE-2021-44228 to the cpanel-dovecot-solr RPM.

Obtaining the Mitigation for CVE-2021-44228

You can run a cPanel Update which will update the cpanel-dovecot-solr RPM for you:
How to update cPanel/WHM

If you previously uninstalled cPanel Solr, you may install it again with the steps in this guide
How to Install cPanel Solr

https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/


As cPanel has already released a patch for this I am sure Inmotion Hosting is currently working hard on updating all of its servers to contain this critical update. If you are concerned for the safety of your website or server I would recommend reaching out to technical support and they will be able to check what version of is running along with if the patch has been added by using this command via the root command line interface:

rpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455

If your server or the server you are on is patched the code above should return the output of:

# rpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455
* Fri Dec 10 2021 Tim Mullin <[email protected]> -  8.8.2-4.cp1180
- CPANEL-39455: Add mitigation for CVE-2021-44228

NOTE: In order to run commands like this you will need root access to the server.

Please let me know if you have any further questions and I am sure someone from Inmotion Hosting will be able to assist you further should you still have concerns via a support ticket.

Thanks!

Mario C.