Restrict room creation to IP addresses

is there a way to restrict room creation to clients with specific IP addresses? We want that only users connecting from our internal network can create a room. Many thanks in advance

Hi there, welcome to our community!

That piece of functionality would need to be implemented as a Prosody plugin, since our rooms are XMPP MUCs. I’m not aware of any module providing such functionality, sorry.

Hello saghul, thanks for the quick reply. Another solution would be to restrict room creation to clients who connect to the internal IP of the server. The external server IP would be only for guests. Would that be possible?

It’s very similar. At the end of the day both will end up establishing a connection with the XMPP server, there is where the decision needs to be made. I wonder if there is no problem with getting the real IP address, sincce BOSH is used (XMPP over HTTP) and there may be proxys in between.

If Jitsi is the only service on your server it’s better to secure the server one level up. Something like a .htaccess file has more options to configure. And it filters the traffic before it uses anything (like resources) on the server.