OpenMeetings provides conferencing, chat, whiteboard, and media workflows. Harden room access policy, media upload controls, and Java/Tomcat runtime exposure.
¶ 1) Lock down rooms and moderator privileges
- Require authentication for private meeting rooms.
- Limit moderator and admin roles to trusted operators.
- Disable guest join behavior where confidentiality is required.
- Review room recording permissions and retention settings.
- Enforce allowed media file types and upload size limits.
- Store recordings on protected volumes with limited OS permissions.
- Use HTTPS for signaling and web access.
- Restrict backend DB and streaming components to private networks.
- Patch OpenMeetings, Java runtime, and servlet container regularly.
- Apply reverse-proxy rate limits to auth and room endpoints.
- Audit login, room access, and permission-change logs.
- Encrypt backups that include recordings and chat artifacts.
- Apache OpenMeetings documentation: https://openmeetings.apache.org/
- Apache OpenMeetings source repository: https://github.com/apache/openmeetings
Any questions?
Feel free to contact us. Find all contact information on our contact page.