25% OFF First Invoice

Code at Checkout: CAVES

Dynmap Update

Posted: Jan 21, 2021 in Minecraft

mc head By David

Security Alert! Earlier last week, a vulnerability with Dynmap was discovered when configured to use MySQL which allowed remote attackers to expose the database credentials when accessing a specific endpoint on the web-viewer.

Fortunately, the issue was quickly acted on by the developer of the plugin and a fix was rolled out.

We strongly urge all Dynmap users to update their plugin version to the latest security patch to avoid potential issues in the future.

Download the most recent version of Dynmap here:

Bukkit/Spigot/Paper: https://dev.bukkit.org/projects/dynmap/files

Forge: https://www.curseforge.com/minecraft/mc-mods/dynmapforge/files

To install the newest version, follow our FTP guide in order to delete the old version and upload the updated version: https://apexminecrafthosting.com/how-to-connect-via-ftp/

Update Database Credentials

If you used Dynmap on the vulnerable builds and need to update your database passwords, head on over to the Control Panel here → Go to my server → MySQL Database → Change Password.

Then update your database password for all the plugins using MySQL.

In an effort to be proactive, any customer who was running a vulnerable Dynmap service using MySQL has been automatically detected and we’ve intervened to ensure that they’re now running the patched version. Those who had interventions will receive an intervention notice via email with information as to what steps to next take to secure their databases. We got your back!

//sysadmin team

Start Your Minecraft Server

Get started with your own minecraft server in 5 min and start trying out these great features.