Hello everyone! I apologize for the delay on this post, but I wanted to give an update on the MC server regarding both 1.18.1 and the Log4j exploit. While I haven't posted anything prior, I have been on top of server security since the original alert was first posted.
The server is currently protected against the exploit in the form of an updated build of Paper that updates Log4j to the patched version(s), as well as the server hardware itself having an patched version as soon as one was released. We are also running the appropriate settings to ensure console safety. Additionally, the server uses a plugin that forbids client to console interaction, meaning clients cannot exploit each other. This combined with our Whitelist ensures safe access to the server.
That said, I am keeping a careful eye on the situation and I am hesitant to say everything is fine until we are absolutely sure.
Meanwhile, the server is not yet running 1.18.1, this is due to a message from Paper stating that the 1.18.1 builds are to be used with caution. As we do have daily backups, we will most likely update soon, but right now we're just being extra careful!
Feel free to let me know if you have any questions! For more information on the Log4j exploit, please view this : https://cisomag.eccouncil.org/log4j-explained/