Adding feature to restrict direct access to media files by IP

First of all thank you for a great plugin. I’m able to effectively hide my site from the public and turn it into an intranet. However, there’s one flaw. If I provide a direct link to a media file on my site, the file is still publicly accessible. It disregards the IP restrictions. Would it be possible to add this as a feature to ALSO restrict direct access (hotlink) to the media files by IP. That would truly make the restriction comprehensive. Another feature that would be great is to restrict access to the LOGIN page by IP. Right now, the restriction ONLY works on the frontend, but /wp-admin/ is still accessible from anywhere.