Thanks for the response.
I appreciate the inter-dependency, and a firewall probably is the workaround that I'm
going to use - but it still seems a lazy approach? To just hide/restrict a security
problem rather than fixing the root cause. I was hoping there would be a better approach,
and I expected other users to have had these alerts flagged by vulnerability scanners if
I'm honest.