I previous wrote about how Google Ads is not impacted by the Log4j security vulnerability but many sites and servers are. So if you have a website that needs to have updates because of the Log4j security issue, do you have to worry if you need to take down the site and Googlebot is unable to reach it?

If you take down your site and Google cannot crawl it, then it might impact your rankings. Google has spoke about how to handle site outages including using the 503 status code and maybe making a static site – a lot of this advice from Google’s John Mueller then would work here.

John Mueller of Google shared a Twitter thread with new advice on how to handle taking your site offline to fix any Log4j security vulnerabilities.

(1) Make a static version of your site:

(2) Copy the site and also read the advice for pausing your online business:

(3) Host it on the same domain, but if you can’t use 302s for temporary redirects:

(4) Don’t worry, temporary outages will be fine in the long run:

What is Log4j? Apache Log4j is a Java-based logging utility originally written by Ceki Gülcü. It is part of the Apache Logging Services, a project of the Apache Software Foundation. Log4j is one of several Java logging frameworks. On December 9, 2021, a zero-day vulnerability involving arbitrary code execution in Log4j 2 was published by the Alibaba Cloud Security Team and given the descriptor “Log4Shell”. It has been characterized by Tenable as “the single biggest, most critical vulnerability of the last decade”.

Forum discussion at Twitter.