As far as I can tell, there is no way to associate Jitsi occupants with IP addresses and/or ports. This is a must-have for auditing. Also, it can be used along with fail2ban to ban badly-behaved users.
Without this, a badly behaved user can flood the server with connection requests, potentially causing a DoS.
Ideally, there should be a data structure, such as ‘occupants’, that not only lists the user’s role and associates the user with a conference, but that also has a field that stores the user’s IP address. If we had this, the we could create mod_muc_audit.lua that would record each time an IP attempts to connect to the server and/or gets kicked from a conference. fail2ban can watch the logs and ban based on too many connection attempts or too many kicks.