Stopping script kiddies from messing with my GitLab

Hello all!

How can I reject all requests for my server’s IP address that don’t contain the real domain name? (I would like to stop script kiddies who scan every single IP address that DigitalOcean owns, then create new accounts on my GitLab!)

Important note: My GitLab is set-up with HTTPS.

Can I apply one one of these solutions to my Gitlab using the gitlab.rb file? I tried to apply Rolf’s solution using these instructions, but it didn’t work, because it applied Gitlab added the code at the end of the the server block and not the beggining.

Thank you!