I self-host a Jitsi server to host meetings for an amateur radio club; I’m the one responsible for running them as president of the club and I wasn’t going to use Zoom. We’ve had good luck with Jitsi but I am sensing some storm clouds on the horizon and I’d like to see if I can somehow help avoid them.
We have some problematic people who, in the last few days, have decided to pop back up and cause some major issues; basically they are resorting to childish-trolling to disrupt club activities to hurt the club’s reputation and drive membership away.
So this leads to our Jitsi server and some issues with some common tactics. The first is a secret URL; our meetings have a requirement that they must be open to the public. There’s nothing that says we can’t make people leave…but meeting location (or URL) is published publically. It’s also, for the same reason, that setting a PIN number won’t work as I would have to publish that along with our meeting location information. I have considered the idea of locking the room after a specific time; but this too runs in to issues with how we’re required to run our meetings.
So what I really need to know is there an easier way…other than tailing the log files; to see which users are attached to what IP? My idea is I’m going to have a trusted third party join the meeting who can make entries in the firewall to reject packets from the problem IPs. They can always ultimately DDOS my connection and disrupt everyone, but I don’t think these people are that smart or have the resources.
If there’s not a currently known easy way of doing this…then that’s fine. I figure worst case we just keep kicking those people from the room and tail the Nginx log constantly.