We have a meeting web app which uses our own installatin of Jitsi in an iFrame. But the way it’s installed, it looks like regular Jitsi also, you can hit our ‘main’ page (on that instance) and it looks like Jitsi, and you can start arbitrary meetings. This is bad for our bandwidth budget. Is there a way to ‘lock it down’ so that only our iFrame can use our Jitsi instance?
Use the nginx to restrict/allow the serving up of
index.html based on
$http_referer. When the referer is your iframe URL, allow, otherwise block. (There are other options using the nginx config that will also work)
index.html still needs to be available for iframe so it cannot be blocked all together))
Finally, you could modify the
config.js file to hide various elements on the main page so even though it shows it’s not as easy to start a meeting.
I don’t have any examples handy but this should get you started with a few possible paths.
Thanks I’ll try these