This would help avoid cases where users may not being using a firewall to block random ports and they are using VHOST-based deploys. Apps should only be routed to via the private docker ip address, not a public docker port.

Refs #207.
Refs #557.

@michaelshobbs I think you might be more familiar with how this works, so if you have time, would you mind taking a look at those PRs and modifying it to work in the new setup?