Question: How to only allow domain name access, block IP access (no reverse proxy)

Hi All,
I try to search this topic, but seems no answer.

Assume a domain abc.cde.com point to 123.456.789.0
which is a OpenWrt v23 router, assume its internal ip 192.168.1.1

I have disabled uhttp on 80, and running nginx on 443 for other stuff.
I have an internal media server at 192.168.1.2, I don't have modification on the media server.

I have setup port forwarding on the router on WAN 80 port, to 192.168.1.2 80 port.
I don't want to use reverse proxy, as there might be too much media traffic for the router to handle.
so I just use port forwarding.

the problem, when people scan the public IP 123.456.789.0 , port 80, it will found this internal media server, which is not good.
since I don't want to modify the media server, so can't reject only IP by something like htaccess

question: does OpenWrt firewall or other simple setting, can reject IP access, but allowing the domain name (in this example: abc.cde.com) access?

But domain name doest exist, they are an illusion for order.
The domains are only a fine looking alias for an IP address.
That is the point of DNS to be the phonebook for this nice looking alias, what IP address does that name have.

But if I know the phone number/IP address to my goal, why do I need a DNS then?

So how did you have in mind stopping the IP address and make anything work?

That's why reverse proxy is needed, if incoming header doesn't have the target domain then you can do whatever you want (e.g. bring them to error page)