Is there any way to restrict access IP that hosts with Nexus Repository 3 can access?

version : Sonatype Nexus Repository 3.60.0

when configured Sonatype Nexus Repository IQ Server
If you do not have IP access control as shown in the document below,
Port scanning using SSRF is possible.

So I want to use a method that limits the ip that hosts with Nexus Repository 3 installed in the document can access, how can I do it?

Also, is there a way not to expose error messages when an error occurs?
because there is a possibility that an attacker can exploit through error messages.

vulnerability procedure

  1. Log in as an admin account in the Sonatype Nexus Repository and access the IQ Server Registration feature.

  2. Verify that you can use the verify connection function to test connectivity with the server entered into the IQ Server URL

  3. Only http:// and https:// schemes are allowed at the URL of the IQ Server, and for example, the response value is as below

  4. At this time, has ports 21 and 22 open, and the verify connection function creates :21,: 22 after and requests it to see the open ports through response values that differ from previous requests. This shows that there exists an SSRF vulnerability that allows port scanning with the privileges of the server on which Sonatype Nexus Repository 3.60.0 version is installed.

The suggestion in the documentation is that as an administrator you may consider configuring your network to restrict access.

If so, are you saying that the suggestion in the document does not provide a separate function in sonatype, but it is also possible to configure and use the network so that the user can separately restrict access as an administrator?

Is it possible to implement the method suggestion in the document by the method in the document above?