My perspective the direct author IP or host name should not be exposed to content authors
Create a custom domain for authors e.g author-uat.test.com and enable the same in dispatcher with required rules to block the URL's.
Even it will be better to configure the URL with some SSO solutions so that user wont login directly with AEM users.
Regards
Albin I