Even running NodeBB naked, you could just handle this at the OS firewall layer.
From an admin empowerment point of view, I can see the appeal of having it built into core (or via plugin), however.
Yes, would be handy. Just thinking that there is a solution today as well. Overall I agree, a plugin would be best.